i  urn  the  page  to  4  to  learn  more. 
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Some  well-publicized  bankruptcies  froze  the 
broadband  services  market,  but  companies 
now  are  starting  to  jump  back  into  the  pool. 
Find  out  which  technologies  are  ready  for 
deployment  today,  gj 


WLAN  managers 
see  cavalry  coming 


■  BY  JOHN  COX 

Faced  with  deploying  up  to 
1,000  wireless  access  points 
across  160  buildings 
on  two  separate  cam¬ 
puses,  McGill  Univer¬ 
sity  network  chief 
Gary  Bernstein  im¬ 
mediately  recog¬ 
nized  the  manage¬ 
ment  challenge: 

“With  a  thousand  access  points, 
you  can’t  use  sneaker  power  to 
manage  [them],”  says  Bernstein, 


Thinking 

BIGaboin 

WLANs 

Second  of 
two  parts 


whose  Montreal  educational  in¬ 
stitution  is  among  the  trailblazers 
rolling  out  large-scale  wireless 
LANs  (WLAN). 

Many  of  these  pioneers 
by  necessity  have  built 
their  own  management 
tools  and  figured  out 
management  techniques 
by  trial  and  error.  How¬ 
ever,  today  they  can  take 
advantage  of  a  growing  number 
of  third-party  management  prod¬ 
ucts.  They  also  are  starting  to 
See  WLAN,  page  84 
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THE  LOW  COST  MOVE  IS  ON. 

We  make  the  network. 


Trade  shows 
look  to  lure 
buyers,  not 
big  turnouts 

■  BY  TIM  GREENE 

Smaller  is  better,  or  so  the  pro¬ 
moters  of  IT  trade  shows  would 
have  you  believe. 

Once  anxious  to  brag  that  Com¬ 
dex  was  the  biggest  industry 
show  —  it  peaked  at  200,000 
attendees  in  2000  —  organizers 
of  the  sprawling  fall  tech  extrava¬ 
ganza  in  Las  Vegas  now  whistle  a 
different  tune:  Relevance  is  the 
thing.  About  125,000  attended 
last  year  and,  by  choice,  the  orga¬ 
nizers  are  trimming  that  back  to 
80,000  this  year. 

“Over  the  last  two  decades 
shows  were  all  about  size:  num¬ 
bers  of  people,  number  of  ex¬ 
hibitors,  big  booths,  lots  of 
tchotchkes,lots  of  noise, all  about 
brand  awareness  and  grabbing 
mindshare,”  says  Robert  Priest- 
Heck,  new  CEO  of  the  former 
Key3Media,  which  emerged  from 
bankruptcy  last  week  with  a  new 
name:  Medialive  International. 

Things  have  changed,  he  says, 
and  the  people  who  pay  for  show 
floor  space  don’t  want  lots  of 
people  walking  by;  they  want 
people  who  buy  products.“Who 
cares  about  bodies?”  Priest-Heck 
says.“People  really  want  quality 
decision  makers.” 

As  a  result,  Medialive  is  making 
an  effort  to  keep  out  the  bane  of 
trade-show  booth  staffs:  people 
who  walk  around  gathering 
T-shirts,  pens  and  other  giveaways 
but  don’t  buy  anything.  Attendees 
will  either  be  pre-qualified  for 
Comdex  by  the  nature  of  their 
work  or  pay  to  attend.  And  to 
maintain  a  corporate  focus,  the 
See  Shows,  page  85 
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Move  afoot 
to  speed 
XML  traffic 


■  BY  JOHN  FONTANA 

The  growing  use  of  XML  and 
Web  services  is  fueling  devel¬ 
opment  of  hardware  that 
promises  to  accelerate  the  pro¬ 
cessing  of  XML  traffic  and  even¬ 
tually  become  a  staple  of  net¬ 
work  architectures. 

Start-up  vendors  are  poised  to 
introduce  products,  established 
vendors  are  receiving  millions  of 
dollars  in  additional  funding, and 
network  stalwarts  such  as  Cisco 
are  keeping  a  watchful  eye  on 
developments. 

So-called  XML-aware  network 


hardware  or  traffic  acceleration 
devices  work  at  or  near  wire 
speeds  to  process  bulky  XML  mes- 
sages.This  is  an  exercise  that  users 
find  can  eat  up  nearly  80%  of  ser¬ 
ver  processing  power  when  done 
with  application  server  software. 

A  new  generation  of  enterprise 
class  XML  protocols  for  security 
process  workflow,  reliability  and 
management  only  promises  to 
accentuate  the  problem. 

“XML  trades  performance  for  ex¬ 
tensibility’ says  Ted  Schadler,  prin¬ 
cipal  analyst  for  software  at  For¬ 
rester  Research. “The  extensibility 
See  XML,  page  82 


Traffic  jam 

Because  of  its  use  in  Web  services  applications,  XML’s 
network  presence  is  predicted  to  grow  rapidly. 
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Securing  your  5,000-user  network  requires  ; 
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Introducing  Microsoft  Windows  Server  2003.  Do  more  with  less. 
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You’re  being  asked  to  do  more..  You’re  being  asked  to  do  it  with  less.  Microsoft  Windows  Server  2003  is  designed 
to  manage  these  opposing  forces  and  help  you  deliver  an  end-to-end  security  solution  with  less  time,  money, 
;  'and  hassle.  Get  your  free  evaluation  copy  of  Windows  Server  2003  at  microsoft.com/windowsserver2003 
by  July  31.  2003.  Software  for  the  Agile  Business. 

QUALCOMM  Incorporated,  the  wireless  technology  leader,  built  their  secure  networking  and  communications  infrastructure 
onWmdows  Server  2003.  The  company  deployed  the  Active  Directory  service.  Group  Policy,  and  network  security  features 
.  to'hefp  provide  secure  wireless  access,  remote  connectivity,  and  identity  administration  for  nearly  6,000  employees. 
QUALCOMM  anticipates  a  more  secure  infrastructure,  along  with  up  to  33%  lower  management  costs. 
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SUN  FIRE™  V60X  SERVER: 

>  INTEL  XEON  2.8  GHZ  PROCESSOR 

>  RUNS  SOLARIS™  9  OS  FOR  X86  OR  RED  HAT®  ENTERPRISE  LINUX®  ES 


$2,450. 


SUN  FIRE  V210  SERVER: 

>  RACK-OPTIMIZED,  ULTRASPARC7S0LARIS  OS 

>  INTEGRATED  WITH  AWARD-WINNING  SUN™  ONE  MIDDLEWARE 


$2,995. 


SUN  STOREDGE™  3310  SCSI  ARRAY: 

>  HIGH-DENSITY,  MODULAR  STORAGE 

>  HIGH  AVAILABILITY  CONFIGURATIONS 

$6,995. 

SUN  FIRE  BlOO  BLADE  SERVER: 

>  ULTRASPARC  OR  X86  PROCESSOR 

>  RUNS  SOLARIS  8,  9,  OR  RED  HAT  ENTERPRISE  LINUX  ES* 

$1,795- 


COST  MOVE  IS  ON 


•ULTRASPARC  blades  run  Solans  8  and  9.  *86  blades  run  Solans  9  for  x86  and  Red  Hat  Enterprise  Linux  once  certified,  Summer  2003- 

£  2003  Sun  Microsystems.  Inc  All  rights  reserved  Sun,  Sun  Microsystems,  the  Sun  logo,  Solaris,  Sun  Fire  and  Sun  StorEdge  are  trademarks  or  registered  trademarks  of  Sun  Microsystems,  Inc.  in  the  United  States  and  other  countries.  All  SPARC  trademarks  are  used  under  license  and  are  trademarks  or  registered  trademarks  of  SPARC  International,  Inc.  in  the  United  States  and  other  countries 
Products  bearing  SPARC  trademarks  are  based  on  an  architecture  developed  by  Sun  Microsystems,  Inc .  Red  Hat  and  Red  Hat  Linux  are  registered  trademarks  of  Red  Hat,  Inc.  in  the  US  and  other  countries.  Linux  is  a  registered  trademark  of  Linus  Torvalds. 
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■  8  Confusion  reigns  over  data  archiving. 

■  8  Financial  instant  messages  to  be  stored  for  three  years. 

■  10  MCI  introduces  new  IP  offerings  at  CeBit. 

■  10  Vendors  promise  to  improve  security  appliances. 

■  12  HP  tells  users  to  adapt. 

■  12  Nortel  tries  to  stack  up. 

■  14  The  skinny  on  SCO  and  IBM. 

■  16  Verizon,  unions  seek  accord. 

■  82  Start-up  touts  application  integration  in  an  appliance. 


Infrastructure 

■  17  VoIP  brings  change  to  the 
channel. 

■  17  Cautious  users  cast  wary 
eye  on  WLANs. 

■  20  Kevin  Tolly:  Ethernet 
at  30. 

Enterprise 

Applications 

■  23  IBM  users  take  on 
integration. 

■  26  Security  appliance  adds 
peer-to-peer  controls. 

■  26  Stalker  server  gets  group- 
ware  features. 

■  26  Low-cost  Sun  bundles  target 
financial  services  industry. 

■  30  Scott  Bradner:  Head 
ing  into  the  FCC's  'Net  access  stats. 

Service  Providers 

■  33  New  Edge  promising  lower 
costs  with  new  frame  Relay  over 
DSL  service. 

■  33  Vonage  aims  IP  phone 
service  at  small  businesses. 

■  34  Johna  Till  Johnson: 

Tips  for  better  managing  your 
service  providers. 

■  36  Special  Focus:  Ethernet 
continues  to  grow  at  the  ripe  old 
age  of  30. 
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■  53  Law  firm  dumps  BlackBerry 
for  Good. 

Technology  Update 

■  55  802.11e  brings  QoS  to 
WLANs. 

■  55  Steve  Blass:  Ask  Dr. 

Internet. 

■  56  Mark  Gibbs:  Network 
for  wireless  show  starts  with  KVM 
switch. 

■  56  Keith  Shaw:  Converged 
devices  have  cell  phone  feel. 

Opinions 

■  58  Editorial:  SCO  fly.  don't 
bother  me. 

■  59  Jeff  Kaplan:  Telcos  find 
their  place. 

■  59  Linda  Musthaler:  Time 
to  rein  in  spam. 

■  86  BackSpin:  Sen.  Hatch 
and  the  record  industry's  jihad. 

■  86  ’Net  Buzz:  Book  gives  a 
fascinating  look  into  the  soul  of 
Dean  Kamen's  machine. 

Management 

Strategies 

■  70  Talking  the  talk:  Tips  for 
improving  communication  with 
business  management  from  an  IT 
consultant. 


What’s  next  for 

the  enterprise? 

Look  to  our  special  editorial  supplement 
beginning  after  page  36.  You'll  find: 

VoIP’s  hidden  costs. 

Bring  on  the  voice  apps. 

Taking  the  threat  out  of  voice. 
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Features 


If  you're  considering  rolling  out  a  new  broadband  service,  this  report  will  describe 
the  technologies  that  are  ready  for  prime  time,  those  you  should  have  on  your 
radar  screen  and  those  that  are  several  years  away.  Page  61. 


Review: 

Red  Hat  edges  out  United  Linux  in  our  test  of  Linux 
distributions.  Page  64. 

Review: 


Oculan’s  network  management  tools  offers  plug-and-play 
functionality,  Page  68. 

Tester's  Choice: 

Tom  Henderson  is  being  driven  crazy  by  drivers.  Page  69. 
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Interactive 

Wireless  Wizards 

In  our  newest  Fusion-exclusive  column,  each  week  our  Wizards  will 
answer  your  tough  questions.  This  week,  they  answer  the  question:  "We 
are  in  the  process  of  deploying  an  802.11-based  WLAN.  How  do  we 
determine  optimal  radio  coverage  throughout  the  campus?"  Read  the 
columns,  then  see  if  you  can  stump  the  Wizards!  DocFinder:  6437 

VoIP:  What’s  next  for  the  enterprise? 

Check  out  our  editorial  supplement  on  convergence  this  week,  then 
head  online  for  more  information  and  strategy.  For  example,  find  out 
which  soft  savings  will  help  you  make  a  stronger  ROI  case  when  it 
comes  to  VoIP. 

DocFinder:  6438 

Seminars  and  Events 

Don't  be  overwhelmed  by  storage  demands 

Join  storage  expert  Steve  Duplessie  and  leading  industry  vendors  for 
Network  World's  Storage  Technology  Tour,  “Shoring  Up  Your  Enterprise 
Strategy."  Reserve  your  seat  today. 

DocFinder  4937 


Columnists 

Compendium 

One  way  to  lock  down  your  computer 
Fusion  Executive  Editor  Adam  Gaffin  says  it's  the  ultimate  in  PC 
security:  All  you  need  is  a  large  container,  a  shovel,  a  screwdriv¬ 
er,  water,  concrete  mix  and  some  wood.  DocFinder:  6440 

Telework  Beat 

How  sticky  are  we? 

Net.Worker  Managing  Editor  Toni  Kistner  says  cable 
providers  could  face  a  tough  time  hanging  onto  their  broad¬ 
band  customers.  DocFinder:  6441 

Small  Business  Tech 

Where  to  turn  for  IT  services? 

Columnist  James  Gaskin  looks  at  how  one  small  company 
chose  its  technology  partner.  DocFinder.  6442 

Digital  Domicile 

Catching  customers  With  home  nets 

Columnist  Mike  Wolf  examines  why  telcos  are  ahead  of  cable 

companies  in  providing  broadband -managed  home  networks. 

DocFinder:  6443 
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Breaking  News 

Exclusive  up-to-date  news  every  da ..  DocFinder:  6342 

Free  e-mail  newsiette 

Sign  up  for  any  free  e-mail  newslet  DocFinder:  6343 

What  is  DocFinder? 

We’ve  made  it  easy  to  access  articles  and 
resources  online.  Simply  enter  the  four-digit 
DocFinder  number  in  the  search  box  on  the  home 
page,  and  you’ll  jump  directly  to  the  requested 
information. 
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Microsoft:  No  more  IE  for  Apple 

■  Microsoft  will  stop  developing  versions  of  its  Internet  Explorer 
browser  software  for  Macintosh  computers, saying  that  Apples  Safa¬ 
ri  is  all  that  Apple  needs.  Microsoft  will  no  longer  develop  Explorer 
as  independent  software,  only  as  part  of  its  Windows  operating  sys¬ 
tem. “Browsers  are  now  a  generally  established  piece  of  the  operat¬ 
ing  system,  and  it  doesn’t  make  sense  to  keep  developing  them  sep¬ 
arate^’ says  Neil  Laver,  Microsoft  U.K.  desktop  marketing  manager. 
Microsoft’s  development  of  Explorer  for  Apple’s  computers  was  dri¬ 
ven  by  a  five-year  agreement  that  has  lapsed.  The  decision  will 
cause  concern  for  Mac  users  who  use  Explorer  to  access  sites  that 
are  not  accessible  using  other  browsers.  Many  site  developers  de¬ 
velop  purely  for  Explorer,  as  it  is  the  dominant  browser  worldwide. 

FTC  catches  Guess  with  pants  down 

■  The  Federal  Trade  Commission  has  settled  a  case  with  clothing  marketer  Guess,  stem¬ 
ming  from  complaints  that  since  at  least  October  2000,  www.guess.com  has  been  vulner¬ 
able  to  commonly  known  attacks  that  let  personal  information  including  credit  card  num¬ 
bers  be  exposed  to  hackers.  Guess  claimed  its  Web  site  “has  security  measures  in  place  to 
protect  the  loss,  misuse  or  alteration  of  information  under  our  control.”The  FTC  said  per¬ 
sonal  information  was  not  stored  in  unreadable  and  encrypted  format  at  all  times  and  that 
Guess  failed  to  protect  against  commonly  known  attacks.  In  February  2002,  a  visitor  to  the 
Web  site,  using  a  SQL  injection  attack,  read  in  clear  text  the  credit  card  numbers  stored  in 
Guess  databases, according  to  the  FTC,  which  was  bringing  such  a  case  for  the  third  time. 
The  FTC  settlement  requires  Guess  to  implement  a  comprehensive  security  program. 

0SDL  lands  Mr.  Linux  himself 

■  As  Linux  continues  to  make  inroads  into  enterprise  data  centers,  the  developer  of  the 
open  source  software  has  joined  Open  Source  Development  Labs,  a  consortium  focused 
on  developing  the  Linux  operating  system  for  corporate  use.  Linus  Torvalds,  who  created 
Linux  in  1991  when  he  was  a  university  student  in  Finland,  is  taking  a  leave  of  absence 
from  chip  maker  Transmeta  to  move  to  OSDL  where  he  will  focus  exclusively  on  Linux. 
Torvalds  will  become  the  first  fellow  of  OSDL, which  is  a  nonprofit  organization  formed  in 
2000  to  accelerate  the  growth  and  adoption  of  Linux  in  corporations.  Its  members  include 
Cisco,  Computer  Associate's,  HP  and  IBM.  Stuart  Cohen,  who  took  over  as  CEO  of  OSDL  in 


Drilling  down  into  CDs 

Ever  wonde  red  what  would  happen  if  you  spun  a  CD  on  a  high-speed  drill?  “On  con¬ 
tacting  the  dosed  door,  the  CD  did  a  most  unexpected  thing:  it  first  bounced  back  a 
few  inches,  and  then,  when  it  hit  the  door  again,  it  jumped  straight  up  the  door  and 
struck  the  ct  ing,  exploding  into  thousands  of  fragments  which  rained  down  on  the 
entire  room."  More  (with  video)  at  www.nwfusion.com,  DocFinder:  6446. 


TheGoodTheBadTheUgly 

crr> 

<g>  Can’t  go  without  e-mail?  Even  at  30.000  feet?  United  Airlines 
became  the  first  U.S.  airline  to  announce  an  in-flight  e-mail  service.  How  much? 
A  shade  less  than  $16  per  flight,  plus  10  cents  per  kilobyte  over  2K  bytes. 

Not  too  comforting.  A  Deloitte  Touche  Tohmatsu  survey  made 
public  last  week  shows  that  39%  of  financial  institutions  suffered  one  or  more 
security  breaches  within  the  past  year,  and  two- 
thirds  of  those  incidents  originated  from 
outside  the  company.  Only  5%  of  respondents 
reported  being  "extremely  confident"  in 
their  protections  against  such  attacks. 

Booby  prize  for  Hatch. 

Politicians  often  say  silly  things  about  policing 
the  Internet,  but  this  one  from  Sen.  Orrin  Hatch 
(R-Utah)  might  set  a  new  standard.  Speaking 
about  the  music  industry's  problem  with  online 
copyright  infringement,  Hatch  said  that  remotely 
damaging  an  offender's  computer  “may  be  the 
only  way  you  can  teach  somebody  about 


copyrights. 


Left  unaddressed  was  how  to 


teach  lawmakers  about  the  dangers  of  vigilantism. 
(See  Mark  Gibbs'  commentary,  Page  86.)  >>; 


BRIAN  GAIORY 


April,  says  Torvalds’ decision  to  join  OSDL  lends  credibility  to  the  organization  that  is  aim¬ 
ing  to  be  the  center  of  Linux  development  in  corporations.  Last  year,  OSDL  launched  the 
Data  Center  Linux  project  to  strengthen  Linux  as  an  enterprise  computing  platform. 

Voice  system  saves  Amtrak  millions 

■  The  voice  that  answers  the  phone  at  1-800-USA-FLML,  Amtrak’s  reservation  line  — “Julie” 
—  now  is  trained  to  process  credit  card  payments  for  a  reservation.  What  took  Julie  so 
long  to  learn  credit  card  transactions?  She  is  really  a  machine, eight  of  them  to  be  precise. 
SpeechWorks,  the  systems  original  developer,  reused  an  existing  voice-enabled  credit 
card  module  tweaked  for  Amtrak  to  help  process  reservation  bookings  and  payment  with¬ 
out  the  need  for  human  intervention.The  credit  card  service  began  rolling  out  in  April  and 
now  is  available  nationwide.  The  system  accepts  20  million  incoming  calls  annually,  of 
which  25%  to  33%  are  handled  without  the  need  for  a  human  agent.  Amtrak  estimates  it 
has  saved  $13  million  since  the  service  came  online  in  April  2001. 

Report  applies  cold  press  to  hot  spot  fever 

■  IDC  threw  cold  water  on  the  hot  spot  hype  this  week,  predicting  that  although  world¬ 
wide  commercial  Wi-Fi  locations  are  set  to  grow  57%  annually  over  the  next  five  years,  the 
market  is  still  young  and  rife  with  uncertainty.  In  a  report  summary,  IDC  analysts  likened 
the  hot  spot  market  to  a  “technology  gold  rush”  and  warned  that  despite  promises.it  is  still 
in  the  early  phases  of  deployment.  Most  business  models  are  not  yet  proven, and  the  com¬ 
petitive  landscape  is  very  unclear. The  firm  predicted  that  the  Wi-Fi  market  would  evolve 
in  two  stages,  with  an  emphasis  on  network  expansion  over  the  next  two  years,  followed 
by  three  years  of  relationship  building  among  carriers.  Still,  the  market  could  offer  some 
sizzling  revenue  opportunities.  IDC  estimates  that  Wi-Fi  revenue  streams  would  grow  143% 
annually  over  the  next  five  years,  while  the  number  of  users  is  expected  to  double  each 
year  over  that  same  period. 

PeopleSoft  again  rebuffs  Oracle  bid 

■  FL'opleSoft’s  board  of  directors  on  Friday  again  rejected  Oracles  bid  for  the  company, and 
recommended  that  its  shareholders  shoot  down  the  $6.3  billion  offer, saying  the  deal  is  not 
in  the  best  interest  of  the  company  and  would  likely  run  afoul  of  antitrust  laws. The  rejec¬ 
tion  came  two  days  after  Oracle  sweetened  its  original  $5. 1  billion  offer  for  the  Pleasanton, 
Calif.,  enterprise  software  provider,  which  sparked  the  firestorm  between  the  companies. 
Oracles  initial  bid,  on  June  6, came  just  days  after  FfeopleSoft  announced  it  was  acquiring 
J.D.  Edwards,  putting  the  merger  in  jeopardy.  PeopleSoft  and  J.D.  Edwards  sued  Oracle  over 
its  aggressive  pursuit,  and  Oracle  shot  back  earlier  thus  week,  increasing  its  offer  for 
FfeopleSoft  and  suing  the  company  for“eliminating" shareholders' ability  to  accept  the  offer 


Riley’s  band  took  second  place 
in  a  battle  of  the  bands  contest. 
They  won  some  hair  gel 
and  a  Neil  Diamond  album. 
Keep  on  rockin’,  Riley. 


Nothing  beats  number  one. 


RETINA®  The  #1  Rated  Network  Security  Scanner 

Superior  Vulnerability  Assessment  &  Remediation 
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Confusion  reigns  over  data  archiving 


Securities  firms  in  e-mail  hole 


In  the  last  six  months  the  Securities  and  Exchange  Commission,  the  New  York  Stock  Ex¬ 
change,  the  National  Association  of  Securities  Dealers  and  Massachusetts  security  regulators 
have  passed  down  fines  to  several  top  brokerages  for  losing  or  not  archiving  e-mail. 


Company 

Fine 

Violation 

Date 

SG  Cowen 

$100,000 

E-mails  deleted  before  retention 
period  expired. 

May  2003 

Deutsche  Bank  Securities 

$1.65  million 

Violated  SEC  17a-4,  NYSE  440 
and  NASD  3110. 

December  2002 

Goldman  Sachs 

$1.65  million 

. 

Violated  SEC  17a-4,  NYSE  440 
and  NASD  3110. 

December  2002 

Morgan  Stanley 

$1.65  million 

Violated  SEC  17a-4,  NYSE  440 
and  NASD  3110. 

December  2002 

Salomon  Smith  Barney 

$1.65  million 

Violated  SEC  17a-4,  NYSE  440 
and  NASD  3110. 

December  2002 

U.S.  Bancorp  Piper  Jaffray 

$1.65  million 

_ 

Violated  SEC  17a-4,  NYSE  440 
and  NASD  3110. 

December  2002 

■  BY  DENi  CONNOR 

NEW  YORK  —  Users,  vendors 
and  securities  industry  officials 
wrangled  last  week  at  the  Secu¬ 
rities  Industry  Association  Tech¬ 
nology  Management  Conference 
in  New  York  about  ambiguous 
Securities  and  Exchange  Com¬ 
mission  requirements  on  e-mail 
archiving  and  retention. 

Storage  vendors  EMC  and  Iron 
Mountain  reacted  to  the  recently 
released  SEC  17a^l  Interpretive 
Ruling  by  showing  off  hardware 
and  software  that  they  say  com¬ 
plies  with  the  ruling.The  original 
SEC  Rule  17a-4  and  the  new 
Interpretive  Release  define  how 
broker-dealers  should  archive 
and  retain  electronic  communi¬ 
cations,  including  e-mails  and 
instant  messages  relating  to 
trades. 

“There  is  a  lot  of  confusion  in 
the  securities  industry  about 
what  has  to  be  retained  and  for 
how  long,”  said  Mark  Lackritz, 
president  of  the  S1A,  in  a  speech 
at  the  show. 

After  years  of  clamoring  by 
security  organizations  to  clarify 
the  records  management  rule,  the 
SEC  issued  the  interpretive  re¬ 
lease  in  May.  This  interpretation 


clearly  dispels  the  issues  around 
the  deployment  of  storage  hard¬ 
ware  and  software  for  e-mail 
retention,  the  SEC  says. 

The  interpretation  says  that 
broker-dealers  must  preserve  re¬ 
cords  “in  a  non-rewriteable  and 
non-erasable  format.”This  means 
that  customers  can  deploy  sys¬ 
tems  that  use  disk-based  storage 
media  and  integrated  software 
that  prevents  the  overwriting, era¬ 
sure  or  alteration  of  records. 
Previous  to  the  interpretation, 
users  understood  this  to  mean 
that  e-mails  and  instant  mes¬ 
sages  needed  to  be  stored  on 
write-once,  read-many  storage 
media  —  such  as,  optical  plat¬ 
ters,  CD-ROMs  or  DVDs. 

But  neither  the  SEC  nor  the  non¬ 
government  self-regulatory  orga¬ 
nizations  (SRO),  such  as  the 
National  Association  of  Securities 
Dealers,  specify  which  hardware/ 
software  combinations  are  com¬ 
pliant.  That  means  IT  executives 
are  left  to  determine  if  their  de¬ 
ployment  of  storage  software  and 
hardware  are  compliant. 

“The  SRO  isn’t  going  to  tell  the 
customer  what  is  compliant,”  says 
Patrick  Gordon,  a  consultant  with 
Compliant  Systems  Consulting. 
“[Customers]  are  going  to  have  to 


get  their  compliance  people, 
legal  departments  and  their  IT 
people  together  and  hash  out  the 
rules.  It’s  up  to  the  users  to  do 
their  own  research.” 

The  interpretation  is  also  “the 
death  knell”  for  systems  that  use 
passwords,  authentication  and 
approval  policies  to  ensure  that 
e-mails  aren’t  deleted  or  altered, 
Gordon  says. 


“Such  systems  —  which  may 
use  software  applications  to  pro¬ 
tect  electronic  records,  such  as 
authentication  and  approval 
policies,  passwords  or  other 
extrinsic  security  controls  —  do 
not  maintain  the  records  in  a 
manner  that  is  non-rewriteable 
and  non-erasable,”  the  interpre¬ 
tive  release  says. 

Analysts  also  say  the  ambiguity 
of  the  rule  and  the  SEC’s  refusal  to 
make  specific  technology  recom¬ 
mendations  might  cause  delays 
in  equipment  deployment  of  stor¬ 
age  projects. 

“The  interpretive  release  pro¬ 
vides  users  with  confirmation 
that  they  are  on  the  right  track,” 
says  Peter  Gerr,  senior  analyst 
with  Enterprise  Storage  Group. 
“Whether  the  interpretation  will 
delay  technology  purchases  or 
not  depends  on  vendors’  aware 
ness  with  the  whole  process  and 
their  assistance  to  the  customer 
in  navigating  it.” 

Users  might  want  to  comply 
with  the  rule  quickly  and  not  put 
their  companies  at  risk, especially 
in  light  of  fines  recently  levied 
against  firms  such  as  SG  Cowen 
Securities.  SG  Cowen  was  fined 
$100,000  earlier  this  month  by 
Massachusetts  securities  regula¬ 
tors  for  not  keeping  e-mails. 

After  several  years  of  inaction 
and  non-compliance  with  Rule 
17a-4,  which  was  adopted  in  1939 
for  paper  microfilm  and  micro¬ 
fiche,  the  SEC,  National  Associ¬ 
ation  of  Securities  Dealers  and 
the  New  York  Stock  Exchange 
fined  five  other  securities  firms 
for  a  total  of  $8.25  million  in 
December  2002  for  not  comply¬ 


ing  with  the  SEC  rule. 

The  SIA  recommends  that  cus¬ 
tomers  planning  to  implement 
email  retention  systems  submit  a 
letter  to  their  SRO  detailing  the 
hardware  and  software  they  want 
to  deploy  as  much  as  90  days 
before  installing  it.The  SRO,  while 
familiar  with  the  technologies, 
does  not  issue  a  list  of  the  soft¬ 
ware  and  hardware  combina¬ 
tions  that  comply. 

That’s  where  service  provider 
companies  such  as  Iron  Moun¬ 
tain  can  help, says  one  brokerage 
firm  executive  who  didn’t  want 
his  company  named. 

“We  four\d  the  outsourced 
model  to  have  a  lower  starting 
cost  and  potentially  a  lower  total 
cost  of  ownership  than  doing 
this  in-house,”  he  says. 

On  the  product  front,  Iron 
Mountain  has  added  e-mail 
supervision  and  support  for  liti¬ 
gation  discovery  and  regulatory 
investigations  to  its  Digital 
Archives  Services.  Supervision  of 
e-mail  and  instant  messaging  is  a 
requirement  of  the  National 
Association  of  Securities  Dealers 
Rule  3010  and  the  New  York 
Stock  Exchange  Rule  342,  which 
stipulate  that  broker-dealers 
establish  procedures  for  moni¬ 
toring  electronic  communica¬ 
tions  and  keep  records  of  super¬ 
visory  reviews. 

EMC  also  announced  that  its 
recently  introduced  Centera 
Compliance  Edition  meets  the 
SEC  interpretive  release  and  fur¬ 
ther  complies  with  the  Depart¬ 
ment  of  Defense  electronic  certi¬ 
fication  5015.2  Records  Manage¬ 
ment  standard.  ■ 


Financial  IM  to  be  stored  for  three  years 


U.S.  securities  regulators  put  a  further  onus 
on  financial  firms  to  keep  records  of  their 
business  this  week,  this  time  focusing  on 
the  increasingly  popular  form  of  communication 
known  as  instant  messaging. 

The  National  Association  of  Securities  Dealers 
(NASD)  informed  its  roughly  5,300  brokerage 
firm  members  Wednesday  that  they  must  retain 
their  instant-messaging  records  for  at  least  three 
years.  Under  federal  law,  securities  firms  doing 
business  with  the  U.S.  public  must  be  a  member 
I  of  NASD. 

The  rule,  which  follows  similar  regulations  for 
e-mail,  could  leave  financial  firms  scrambling  to 
rein  in  employees'  use  of  the  quickfire  communi¬ 
cation  tool.  What's  more,  NASD  advised  that  se¬ 
curities  firms  must  supervise  employees'  instant- 
message  use  and  that  consumer  instant-mes¬ 
saging  products  are  often  not  adequate  because 
?  they  don't  allow  for  monitoring. 

“Firms  have  to  remember  that  regardless  of  the 
informality  of  instant  messaging,  it  is  still  subject 
>  to  the  same  requirements  as  e-mail  communica¬ 
tions,  and  members  must  ensure  that  their  use  of 
instant  messaging  is  consistent  with  their  basic 
supervisory  and  record-keeping  obligations," 

Mary  Schapiro,  NASD  vice  chairman  and  presi¬ 


dent  of  regulatory  policy  and  oversight,  said  in  a 
statement. 

While  financial  firms  have  been  early  adopters 
of  corporate  instant-messaging  products  that 
offer  archiving  capabilities,  the  new  rule  still 
could  affect  firms  that  have  not  put  monitoring 
practices  into  place  or  have  employees  who  use 
consumer  instant-messaging  products  in  addition 
to  company-sanctioned  instant-messaging  tools. 

Olivier  Beauvillain,  an  analyst  with  Jupiter 
Research,  says  the  new  rule  could  lead  compa¬ 
nies  to  put  the  same  sort  of  restrictions  on 
instant  messaging  that  they  put  on  workplace 
Web  use,  even  if  employees  are  using  it  to  com¬ 
municate  with  friends  and  family. 

But  while  security  firms  are  under  the  gun  to 
rope  in  their  employees'  messaging  habits,  the 
rule  could  spell  good  news  for  the  growing  num¬ 
ber  of  corporate  instant-messaging  vendors. 
Leaders  in  the  consumer  instant-messaging  mar¬ 
ket,  such  as  Microsoft,  Yahoo  and  AOL,  have  all 
rolled  out  corporate  versions  of  their  products  in 
recent  months  and  could  stand  to  benefit  from 
the  new  regulations. 

—  Scarlet  Pruitt  is  a  correspondent  with  the 
IDG  News  Service’s  London  bureau. 
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Legendary  Reliability' 


you  really  as  dense 
we  think  you  are? 


As  racks  become  increasingly  popu¬ 
lated  with  thinner,  deeper  servers, 
high  power  densities  in  your  server 
room  or  data  center  can  create 
havoc,  from  early  equipment  failures 
to  expensive,  forget-about-your-job- 
security  downtime. 

Introducing  InfraStruXure™  architec¬ 
ture,  the  industry's  only  patent-pend¬ 
ing,  network-critical  physical  infra¬ 
structure.  InfraStruXure™  lets  you 
target  power  and  cooling  precisely 
where  your  mission-critical  applica¬ 
tions  live — the  rack  enclosure. 

And  because  InfraStruXure  architec¬ 
ture  uses  a  modular,  manageable,  pre¬ 
engineered  approach,  you  can  select 
standardized  components  to  create 
your  own  customized  solutions. 

Which  means  you  can  target  avail¬ 
ability,  pay  as  you  grow,  adapt  to 
change,  and  maximize  efficiency 
while  minimizing  installation,  operat¬ 
ing,  service,  and  maintenance  costs. 

In  times  like  these,  it  pays  to  think 
smart.  For  more  information  on 
InfraStruXure's  open,  adaptable, 
and  integrated  architecture  for  on- 
demand,  network-critical  physical 
infrastructure,  visit  us  online  today 
at  www.apc.com. 


Winner  of  the  Windows  and  Net  Magazine  '2002  Reader's 
Choice  Award  for  Best  High  Availability  Solution",  the  GCN 
"Best  New  Technology  Award"  at  FOSE,  March  2002. 
I Awarded  to  PowerStruXure ",  which  is  now  included  under 
the  InfraStruXure *  brand.)  Winner  of  the  Communications 
Solutions  Magazine’s  "2002  Product  of  the  Year"  award. 


[hot  air]*^- 


Infrastructure 


J(u 


Open,  adaptable  and  integrated 
architecture  for  on-demand 
network- critical  physical  infrastructure 


Every  product  carrying  this  mark  has 
been  tested  and  certified  for  use  with 
InfraStruXure™  architecture.  Before 
you  buy,  check  for  the  X  to  guarantee 
product  compatibility. 


Legendary  Reliability® 


"If  I  had  purchased  the  incum¬ 
bent  vendor's  3-phase  upgrade 
model,  I  would  have  paid  75% 
more  in  service  costs  over  the 
next  four  years  and  I  would 
have  had  to  utilize  50%  more  of 
my  precious  floor  space." 


Captain  Timothy  Riley 
Support  Services  Division 

City  of  Newport  Beach  Police  Department 


[power  routing] 


[cold  air] 


InfraStruXure's  advanced  cooling 
components  help  remove  heat  from 
your  servers  and  target  air  circulation 
where  it  is  most  needed. 


"Our  Video  on  Demand  (VOD) 
servers  are  air  cooled  from  front 
to  back.  The  APC  racks  that 
house  the  InfraStruXure  are  also 
designed  to  cool  from  front  to 
back.  So  the  same  racks  can 
effectively  house  our  power  sys¬ 
tem  and  our  servers." 


Vince  Pombo 

Vice  President  of  Engineering 

Rich  Flanders 

Director  of  Engineering 

Time  Warner  Cable 


High  power  densities  can  create  hot 
spots,  which  cause  equipment  failures 
and  expensive  downtime. 


Air  components  designed  for 
InfraStruXure m  are  manageable  via 
network  technology,  and  feature  a 
modern,  reliable  design  with  fewer 
moving  parts. 


Equipment  Racks 


c 


Batteries 

mm  mm 


UPSs 


Traditional  data  centers  are  built  out 
for  future  capacity  and  require  a 
large  amount  of  floor  space  that 
could  be  otherwise  utilized.  High 
power  density  racks  create  danger¬ 
ous  hot  spots. 


InfraStruXure  Architecture 


CL 


InfraStruXure™  lets  you  build  out  capacity 
only  as  it's  required.  Save  up  to  50% 
CapEx  and  20%  OpEx*,  and  reclaim  an 
average  of  20%  usable  space. 
InfraStruXure  AIR  delivers  cooling 
directly  where  it  is  needed,  eliminating 
dangerous  hot  spots. 


POWER  RACK  AIR 


BEFORE 


AFTER 


•  Representative  savings  based  on  projected  power  infrastructure  build-out  costs  and  estimated  service  cost  per  unitActual  savings  may  vary. 
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MCI  launches  new  IP  offers  at  CeBit 

■  BY  DENISE  PAPPALARDO 


management  view  into  their  VPNs  whether  they  are 
on  frame  relay  ATM,  dedicated  or  dial-up  IP 
MCI  also  revealed  plans  to  roll  out  a  Wi-Fi  service 
and  a  new  satellite  offering  later  this  year. 

The  carrier  is  teaming  with  Wayport  to  offer  busi¬ 
ness  users  wireless  LAN  (WLAN)  connectivity 
throughout  the  U.S.  Users  will  be  able  to  connect  to 
the  Internet  or  corporate  VPNs  through  one  of  Way- 
port’s  600  access  points. 

MCI  says  it  is  still  working  out  how  much  the  Wi-Fi 
offering  will  cost,  but  the  pricing  model  will  be 
based  on  usage.  The  Wi-Fi  service  is  expected  to  be 
available  next  month. 

AT&T  earlier  this  month  announced  plans  to  offer 
Wi-Fi  access  to  its  Internet  access  customers,  but  the 
carrier  said  Wi-Fi  access  to  VPNs  would  not  be  avail¬ 
able  until  next  year. 

Sprint  says  it,  too,  is  launching  managed  wireless 
support  for  its  data  and  VPN  customers  next  month, 

1  but  the  carrier  is  using  WLAN  technology  Sprint 
*  plans  to  offer  wireless  data  support  through  its 

2  Sprint  PCS  division  over  its  nationwide  wireless  net- 
;  work.  While  Sprint  PCS  has  offered  standard 
1  Internet  browsing,  which  some  companies  use  to 

support  their  internally  managed  VPN,  this  is  the 
first  time  Sprint  will  offer  a  fully  managed  wireless  VPN 
access  option. 

In  addition  to  launching  WLAN  support,  MCI  is 

See  MCI,  page  14 


The  No.  1  thing 
on  ail  our 
^  agendas  is  how 
do  we  achieve  in¬ 
teroperability.  . . 
this  is  where 
productivity 
r-  comes  from. 

pm 

Michael  Capellas 

CEO.  MCI 


NEW  YORK  — The  three  IP  services  launched  last 
week  by  MCI  at  the  inaugural  CeBit  America  confer¬ 
ence  are  key  elements  of  the  carrier’s  push  to  ensure 
interoperability  across  its  networks,  company  offi¬ 
cials  said. 

The  carrier  announced  its  IP  VPN  Remote  service, 
which  lets  customers  couple  IP  and  traditional  data 
networks  on  a  single  VPN.  The  service  lets  users 
maintain  existing  frame  relay  or  ATM  network  con¬ 
nections  as  they  upgrade  new  locations  to  IP  all 
while  using  one  VPN. 

In  late  April  MCI  previewed  the  service,  called 
Secure  Internet  Gateway  to  link  its  dial-up  and  dedi¬ 
cated  1RATM  and  frame  relay  networks.The  service, 
which  uses  Nortel  gear  in  the  network,  not  only  inte¬ 
grates  various  offerings  but  also  eliminates  the  need 
for  some  devices  at  the  customer’s  premises. 

Customers  will  not  have  to  support  a  device  at 
their  sites  for  dial-in  users, says  Brian  Washburn,  ana¬ 
lyst  at  Current  Analysis.“Some  companies  don’t  have 
the  internal  resources  to  manage  these  devices  and 
some  can’t  justify  the  cost  when  you  may  only  have 
a  few  remote  dial-in  users,”  he  says. 

MCI  Chairman  and  CEO  Michael  Capellas  talked  about 
the  importance  of  interoperability  during  his  keynote 
speech  at  the  show. “The  No.  1  thing  on  all  our  agendas  is 
how  do  we  achieve  interoperability  . . .  this  is  where  pro¬ 


ductivity  comes  from.” 

While  MCI’s  IP  VPN  Remote  service  offers  a  clear  migra¬ 
tion  path  to  IRAT&T  and  Sprint  have  offered  unified  VPN 
support  for  more  than  a  year.  Both  offer  a  single  network 


Vendors  promise  to  improve  on  security  appliances 

Security  functions  bundled  together  result  in  fragmented  management. 


During  Network  World's  Security  Showdown  at  CeBit  America  security  ven¬ 
dors  promised  unified  management  Shown  from  left  are  Jeff  Platon,  Cisco; 
Christopher  Thompson,  Network  Associates'  Sniffer  Technologies;  Dan 
MacDonald,  Nokia;  and  Charlie  Johnson,  Symantec. 


■  BY  ELLEN  MESSMER 

NEW  YORK  —  Four  leading 
security  vendors  acknowledged 
that  their  products  lack  a  unified 
management  approach,  but  pro¬ 
mised  to  improve  the  situation  in 
the  coming  months. 

Security  management  direc¬ 
tions  were  just  one  of  myriad 
topics  debated  by  Cisco,  Net¬ 
work  Associates,  Nokia  Internet 
Communications  and  Symantec 
executives  at  Network  World’s 
Security  Showdown  last  week  at 
CeBit  America.  A  volley  of  ques¬ 
tions  —  from  Network  World 
Editorial  Director  John  Gallant 
and  vendors  quizzing  each  other 
—  shed  some  light  on  what  cus¬ 
tomers  can  expect  to  see  from 
these  four  vendors  in  the  near 
future. 

Cisco  is  creating  Web-based 
automated  design  tools  for  ques- 
tion-and-answer  input  with  cus¬ 
tomers  and  partners  that  when 
used  would  produce  a  network 
diagram  that  would  map  to  a 
security  policy  for  datastorage  or 
video,  according  to  Jeff  Platon, 
Cisco’s  senior  director  of  product 
and  technology  marketing  for 
security. 


Gallant  queried  Platon  on  Cis¬ 
co’s  bewildering  management 
approach  to  its  growing  collec¬ 
tion  of  security  software,  appli¬ 
ances  and  blades. 

Management  options  include 
“Cisco  Security  Device  Manager, 
the  CiscoWorks  Security  Infor¬ 
mation  Management  Solution, 
the  Cisco  IP  Solution  Center  Se¬ 
curity  Technology  Module  for 
Management  and  the  CiscoWorks 
VPN  Security  Management  Solu¬ 
tion,”  Gallant  noted,  and  then 
asked:“Why  do  you  have  so  many 
security  management  offerings, 
and  do  you  plan  to  unify  all  secu¬ 
rity  and  device  management  in 
one  product?” 

“The  simple  answer  is  yes," 
Platon  said.  “We’ll  get  to  fewer 
ones." 

Although  Platon  said  he  didn’t 
see  the  embedded  device  man¬ 
agers  going  away  anytime  soon, 
he  acknowledged  that  today 
Cisco  has  two  management 
interfaces  for  workflow  and  pro¬ 
visioning,  and  “we  do  need  to 
come  to  a  common  platform,” 
and  that  work  is  underway.  But 
that  probably  won’t  happen  for 
another  12  to  18  months. 

But  the  goal,  Platon  said,  is  that 


customers  will  see  a  common 
architecture  for  different  inter¬ 
face  types  to  manage  both  provi¬ 
sioning  and  workflow  where  “pol¬ 
icy  can  be  pushed  out  to  a  differ¬ 
ent  functional  group.” 

Meanwhile,  Network  Associates 
has  its  own  management  con¬ 
soles  for  its  WebShield  line  of  anti¬ 
virus  messaging  appliances  and 
the  Sniffer  protocol-analysis  appli¬ 
ances  to  which  it  intends  to  add 
IntruVert  Networks’  intrusion-de¬ 
tection  and  intrusion-protection 
systems,  which  in  turn  is  man¬ 
aged  separately  today 

Christopher  Thompson,  Net¬ 
work  Associates  vice  president  of 
product  marketing,  said  a  com¬ 
mon  management  platform  is  a 
goal  —  but  don’t  expect  it  for 
about  nine  months. 

Nokia’s  security  appliances  are 
based  on  third-party  security  soft¬ 
ware  from  Check  Point,  Internet 
Security  Systems  (ISS)  and  Trend 
Micro.  Dan  MacDonald,  vice  pres¬ 
ident  of  Nokia,  said  the  Nokia 
Horizon  Manager  is  intended  to 
“rapidly  deploy  software,  do  back¬ 
ups  and  restore"  of  Nokia  appli¬ 
ances,  but  can’t  manage  Check 
Point,  ISS  and  Trend  Micro  secur¬ 
ity  software  running  on  general- 


purpose  servers. 

MacDonald  said  the  best  inter¬ 
action  between  vendor  manage¬ 
ment  consoles  is  between  Hori¬ 
zon  and  Check  Point’s  manage¬ 
ment  products. 

“Check  Point  does  have  prod¬ 
ucts  that  interface  with  Nokia 
Horizon  Manager  with  mini¬ 
mum  double  entry”  MacDonald 
said.  There’s  also  effort  to  im¬ 
prove  integration  between  No¬ 
kia  and  Trend  Micro  manage¬ 
ment  products,  but  that  will  not 
be  available  until  the  third 


quarter. 

Because  ISS  recently  began 
offering  its  own  brand  of  hard¬ 
ware  appliance  without  help 
from  Nokia,  one  question  posed 
asked  whether  Nokia’s  partner¬ 
ship  with  ISS  is  turning  into  more 
of  a  competition. 

MacDonald  said  the  partner¬ 
ship  with  ISS  is  solid,  but  ac¬ 
knowledged  there  is  now  “an 
amount  of  overlap"  in  appli¬ 
ances  from  ISS  and  Nokia  that 
could  have  the  two  vendors 
fighting  for  customers  ■ 
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HP  tells  corporate  users  to  adapt 

Users  concerned  new  utility  computing  initiative  will  involve  costly  upgrades. 


■  BY  DENISE  DUBIE 

CHICAGO  —  HP  software  users 
last  week  learned  that  if  they 
want  to  take  advantage  of  a  new 
program  that  promises  better 
automation  software  and  service 
management  products,  it  might 
mean  using  a  forklift  more  than 
theyd  like. 

HP  in  May  introduced  its 
Adaptive  Enterprise  strategy,  a 


road  map  that  defines  how  the 
company  will  integrate  hard¬ 
ware,  software  and  services  to 
help  customers  quickly  respond 
to  changing  resource  needs  and 
thus  help  their  organizations  run 
more  efficiently  Last  week  the 
company  expanded  on  its  vision 
at  its  annual  user  conference,  the 
HP  Software  Forum  in  Chicago. 

Company  executives  de¬ 
scribed  three  stages  IT  managers 


must  tackle  and  complete  before 
becoming  truly  adaptive,  by  HP’s 
definition.  The  first  stage,  says 
Nora  Denzel,  senior  vice  presi¬ 
dent  of  HP’s  Software  Global 
Business  Unit,  would  require 
users  to  assess  their  networks 
and  retool,  re-architect  and  re¬ 
engineer  their  infrastructures  to 
support  automation  and  service 
management  across  networks, 
servers,  storage  and  applications. 


Nortel  tries  to  stack  up 

High-speed  stackable  switch  on  tap. 


Nortel’s  stack  strategy 


Nortel’s  Flexible  Advanced  Stacking  Technology 
architecture  on  the  BayStack  5000  uses  a  proprietary 
interconnect  among  switches  in  a  stack. 


A  maximum  of  eight 
BayStack  5000s  can  be 
linked  to  form  a  20G 
bit/sec,  bidirectional  ring 
backbone  among  the 
switches.  This  can  allow 
for  faster  throughput  and 
failover  than  traditional 
stacking  technologies, 
which  are  unidirectional. 


Nortel  this  week  is  expected  to 
unveil  new  switches  that  it 
promises  will  boost  resiliency 
and  throughput  in  enterprise 
wiring  closets. 

The  BayStack  5000  is  aimed  at 
corporations  that  want  high-den- 
sity  10/100/1000M  bit/sec  con¬ 
nections  to  desktops,  and  high¬ 
speed  interconnects  among  the 
switches  for  providing  fast 
uplinks  and  failover  capabilities. 

For  a  modular  approach  to  wiring 
closets,  Nortel  is  offering  the 
PassPort  8300,  which  promises 
high-density  10/100M  bit/sec  and 
Gigabit  port  densities  and  power 
over  Ethernet  (PoE). 

The  new  stackable  switch 
comes  in  24-  and  48-port  versions 
with  all  ports  capable  of  support¬ 
ing  10/1 00/ 1 000M  bit/sec  Ether¬ 
net  connections.The  box  has  two 
mini  Gigabit  Interface  Converter  slots  for  uplinks  to 
a  distribution  layer  or  backbone  switch. 

Nortel  is  introducing  what  it  calls  Flexible 
Advanced  Stacking  Technology  on  the  BayStack 
5000.  The  technology  uses  a  proprietary  20M 
bit/sec  interconnect  technology  (a  derivative  of 
the  InfiniBand  standard)  to  link  up  to  eight  stack- 
able  switches  in  a  bidirectional  loop  (see  graphic). 
Nortel  says  this  architecture  can  offer  faster  failover 
and  more  bandwidth  between  switches  than  com¬ 
peting  stacking  technologies  from  3Com  and 
Cisco.  Other  features  in  the  switch  include  Layer  2 
to  4  quality  of  service  and  traffic  shaping,  and 
802. lx  authentication  support. 

The  high-availability  and  security  features 
included  in  the  BayStack  5000  follow  a  trend 
toward  putting  more  switching  intelligence  at  the 
LAN  edge,  says  Joshua  Johnson,  an  analyst  with 
Synergy  Research  Group. 

"Vendors  are  putting  these  features  in  wiring 
closet  boxes  to  support  new  applications,"  such  as 
IP  telephony,  instant  messaging  and  IP  video, 
which  require  low  network  latency  and  high  band¬ 
width.  Johnson  says. 


Analysts  say  the  BayStack  5000  will  compete  with 
Cisco’s  recently  announced  Catalyst  3750  and  its 
StackWise  technology  Another  comparable  offer¬ 
ing  is  3Com’s  XRN  technology  for  tying  together 
fixed-configured  boxes  at  high  speeds. 

As  for  the  PassPort  8300,  the  product  is  a 
revamped  PassPort  8600  chassis  (a  six-  or  10-slot 
box)  with  a  smaller  switch  fabric.  It  also  uses  the 
base  8600  operating  system  software  reconfigured 
to  support  wiring  closet  deployments,  instead  of 
the  LAN  core  or  metropolitan-area  network  edge 
duties  usually  associated  with  the  8600.  Blades  for 
the  Passport  8300  include  a  24-  and  48-port 
10/1 00/ 1 000M  bit/sec  card,  and  a  48-port  blade  that 
supports  802. 3af  inline  power.  A  specific  chassis  is 
required  for  PoE. 

The  BayStack  5000  is  expected  to  be  available 
in  October,  priced  starting  at  $9,000.  Nortel  says  a 
PbE  version  of  the  switch  is  due  in  the  first  quar¬ 
ter  of  next  year. The  PassPort  8300  is  scheduled  to 
be  available  in  October  and  will  start  at  about 
$85,000  for  a  10-slot  chassis,  seven  PoE  modules 
and  redundant  power  supplies,  and  switch 
fabrics.  ■ 


While  HP  remained  lean  on  the 
specifics  of  retooling,  it  was  clear 
customers  would  have  to  make 
infrastructure  changes  before 
they  could  deploy  the  software 
or  enjoy  any  of  its  automation 
benefits. 

“That  was  an  awakening  for 
me,”  says  Jason  Kennedy,  systems 
management  analyst  at  Best  Buy 
Canada  in  Vancouver,  B.C.  “It 
makes  a  certain  amount  of  sense 
in  terms  of  the  long-term  plans, 
but  it  also  makes  convincing  oth¬ 
ers  to  go  along  with  it  more  of  a 
challenge.” 

Kennedy,  who  works  alongside 
peers  in  application  develop¬ 
ment  and  help  desk  support 
areas,  says  being  in  charge  of 
enterprise  systems  management 
for  the  retailer  puts  him  in  a  posi¬ 
tion  to  touch  all  areas  of  IT  at 
Best  Buy  Canada.  He’s  working 
to  establish  a  service-oriented 
approach  to  management  — 
meaning  managing  a  group  of 
network  resources  as  one  ser¬ 
vice,  rather  than  checking  the 
availability  of  individual  devices 
—  but  he  first  needs  to  sell  the 
idea  of  change  to  people  who’ve 
become  accustomed  to  how 
they  manage  IT. 

“It’s  hard  to  convince  people  to 
automate,  even  something  sim¬ 
ple  like  generating  trouble  tick¬ 
ets  because  they  don’t  trust  the 
technology,  and  they  fear  it  will 
cause  a  lot  of  false  alerts,” 
Kennedy  says.  While  only  in  the 
beginning  of  adopting  HP’s  strat¬ 
egy,  he  says  he  realizes  he  has  a 
long  way  to  go  to  achieve  the 
vendor’s  vision  —  if  he  decides 
to  do  so. 

The  second  stage  IT  managers 
must  overcome  to  become  adap¬ 
tive  is  business  efficiency,  in 
which  network  elements  are 
managed  as  business  services, 
and  the  third,  dubbed  business 
agility,  is  when  the  software  and 
hardware  infrastructure  dynami¬ 
cally  adapts  to  meet  the  chang¬ 
ing  needs  of  the  business. 

Tim  Hagn,  vice  president  of  IT 
operations  and  engineering  at 
Zurich  Life  in  Schaumburg,  Ill., 
says  his  infrastructure  and  soft¬ 
ware  for  managing  services  falls 
in  line  with  business  service 
management  as  HP  describes  it. 
His  team  in  the  past  two  years 
has  worked  to  get  processes  in 
line  and  people  on  board,  and 
the  IT  department  directly  sup¬ 
ports  the  company’s  mission-crit¬ 


ical  business  services.  But  in 
terms  of  changing  infrastructure 
and  moving  to  the  “ultimate  state 
of  fitness,”  as  HP  calls  it,  he’s  not 
certain  yet  Zurich  Life  will  make 
that  leap. 

“You  get  to  a  point  of  dimin¬ 
ishing  return.  At  some  point,  it 
doesn’t  make  sense  to  spend 
the  money  and  make  the 
stretch  to  adopting  leading- 
edge  technology”  Hagn  says. 
“You  have  to  ask, ‘Is  it  worth  it 
for  our  business  model?’” 

While  he  doesn’t  see  Zurich 
Life  ripping,  replacing  and/or 
buying  more  hardware  solely  to 
become  more  adaptive,  Hagn 
says  he  will  keep  the  forward 
momentum  in  mind  when  infra¬ 
structure  changes  and  hardware 
expenses  arise  for  other  reasons. 

“I  don’t  know  many  people 
whose  capital  budgets  would 
allow  them  to  switch  servers  on 
a  whim,”  Hagn  says.  “But  1  could 
see  an  opportunistic  approach 
to  it  that  when  new  hardware 
and  servers  are  needed,  they  are 
brought  in  under  the  service 
management  strategy” 

Sudip  Gangopadhyay  intends  to 
wait  until  OpenView  users  such 
as  Kennedy  and  Hagn  prove  HP’s 
technology  can  do  what  execu¬ 
tives  say  it  can.  The  manager  of 
Unix  technical  services  for 
Georgia-Pacific,  a  manufacturing 
company  in  Atlanta,  says  his  only 
plans  in  regard  to  HP’s  Adaptive 
Enterprise  are  to  wait  and  see. 

“Adaptive  computing  right  now 
is  a  premature  concept.  I  need  to 
see  proven  results  before  we 
consider  it,”  he  says.B 
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The  skinny  on  SCO  and  IBM 


The  SCO  Group  and  IBM  continue  to  face  off  over  Unix,  Linux 
and  intellectual  property.  The  legal  case,  in  which  SCO  accuses 
IBM  of  misappropriating  Unix  code  to  beef  up  the  scalability  of 
Linux,  is  bringing  the  world  of  open  source  software  front  and 
center  at  the  same  time  that  Linux  is  gaining  a  foothold  in  data 
centeis.  IBM  maintains  that  it  has  done  nothing  wrong  and  is 
ignoring  SCO's  latest  pronouncement  that  it  has  terminated  Big 
Blue's  license  to  sell  Unix.  We  talked  to  users  and  industry 
experts  to  compile  answers  to  frequently  asked  questions  about 
the  key  issues. 

Now  that  SCO  has  revoked  IBM's  license  to  Unix,  what  does  this  mean  for 
AIXP  Should  users  be  worried? 

Everybody  using  AIX,  or  thinking  of  using  AIX, should  be  paying  atten¬ 
tion.  But  that  doesn’t  mean  users  should  be  scrambling  to  scrap  AIX.  IBM 
says  it  remains  committed  to  AIX  and  its  customers.  It's  important  to  note 
that  AIX  represents  untold  millions  of  dollars  in  investment  by  IBM, 
which  is  unlikely  to  take  this  lightly  In  addition,  as  opposed  to  Linux 
users  who  are  dealing  with  an  open  source  product  and  have  access  to 
code, AIX  is  licensed  from  IBM  and  therefore  users  aren’t  handling  actu¬ 
al  code.  Big  Blue  has  stated  repeatedly  that  its  Unix  license  is  “irrevoca¬ 
ble,  perpetual  and  fully  paid”  and  that  it  cannot  be  terminated.  It  also 
says  it  will  continue  to  ship, support  and  develop  the  operating  system. 


Heating  up 

Since  SCO  filed  its  lawsuit  against  IBM  in  March,  neither 
side  has  shown  any  signs  of  backing  down.  The  latest 
developments: 

June:  SCO  shows  analysts  copies  of  Linux  source  code  it 
says  was  lifted  illegally  from  Unix. 

June  6:  SCO  presents  documentation  it  says  proves  that 
it  was  granted  all  rights  and  copyrights  to  Unix  and  UnixWare 
when  it  bought  them  from  Novell  in  1995.  Novell  earlier  said  that 
it  hadn't  transferred  copyrights  to  SCO. 

June  16:  SCO  says  it  has  terminated  IBM's  right  to  sell 
AIX.  It  also  files  an  amendment  to  its  original  lawsuit  against 
IBM,  upping  the  damages  it  seeks  to  more  than  $3  billion  and 
asking  for  a  permanent  injunction  to  stop  IBM  from  selling  AIX 
Unix.  IBM  contends  that  it  is  doing  nothing  wrong,  that  its  Unix 
license  with  SCO  is  irrevcable,  and  that  it  will  continue  to  support, 
ship  and  develop  AIX. 


bring  this  structure  by  creating  a  central  clearinghouse  for  Linux  devel¬ 
opment  where  users  can  look  for  software  road  maps  and  updates. 
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What  about  Linux  users?  Should  users  reconsider  Linux  deployment  plans? 

It  wouldn’t  hurt  users  to  review  contracts  with  Linux  vendors  to  deter¬ 
mine  where  the  code  originated  and  to  guard  against  being  held  liable 
if  SCO’s  claims  are  validated.  In  addition, some  analysts  suggest  holding 
off  deploying  Linux  in  critical  business  systems  until  the  merits  of  SCO’s 
claims  are  determined. That  could  take  years,  however,  and  many  users 
say  they  are  unfazed  by  the  situation.  What’s  more,  the  open  source 
community  says  it  will  alter  any  offending  code. 

What  does  the  legal  community  think  of  SCO's  allegations?  Is  IBM  vulnerable? 

One  thing  attorneys  seem  to  agree  on  is  that  the  case  is  murky  A  lot  is 
unclear:  whether  SCO  holds  patents  to  Unix,  whether  proprietary  Unix 
code  found  its  way  into  Linux  and  if  so  where  it  originated,  among  oth- 
ers.This  is  a  David  and  Goliath  battle, but  the  legal  community  does  not 
discount  SCO. This  case  likely  will  be  a  test  for  open  source  licensing. 

Will  this  result  in  changes  in  how  Linux  is  developed? 

Observers  say  Linux  will  be  developed  in  a  more  organized  fashion, 
but  this  isn’t  necessarily  driven  by  the  situation  with  SCO.  As  Linux 
becomes  more  widely  used  by  companies,  these  customers  will  be 
looking  for  the  structure  they  find  with  proprietary  software.  Linus 
Torvalds’  move  to  Open  Source  Development  Labs  last  week  will  help 


MCI 

continued  from  page  10 

expanding  its  support  of  satellite  services. The  carrier  is  teaming  with 
Tachyon  to  roll  out  its  second  satellite  offer. Today  MCI  resells  Hughes 
Network  Systems’  DirecWay  very  small  aperture  terminal  service  to 
business  users. 

MCI  says  the  Tachyon  offer  will  fill  a  gap  for  users  who  need  higher 
bandwidth  support.  Tachyon’s  satellite  offering  supports  up  to  256K 
bit/sec  upstream  and  1M  bit/sec  downstream.  The  DirecWay  service 
maxes  out  at  70K  bit/sec  upstream. 

The  service  provider  says  the  satellite  offering  might  be  a  good  alter¬ 
native  for  users  who  want  to  use  a  single  access  method  for  all  loca¬ 
tions,  even  those  that  are  rural  or  remote.  MCI  also  says  the  service  might 
be  a  good  alternative  for  users  who  want  aT-1  but  find  the  cost  of  a  ded¬ 
icated  line  too  high.While  MCI  says  Tachyon’s  service  will  cost  less  than 
a  T-l  connection,  the  carrier  would  not  provide  pricing  or  service-level 
agreement  details.  MCI  says  this  offering  will  be  available  by  year-end. 

IDG  Neu >s  Service  editor  Marc  Ferranti  contributed  to  this  story. 


SCO  alleges  that  IBM's  actions  have  harmed  its  business.  What  was  SCO's 
business  before  this  suit  arose? 

SCO’s  business  has  been  focused  on  Unix  and  supporting  Unix  in  cor¬ 
porations.  In  its  complaint,  SCO  talks  about  IBM’s  efforts  to  undermine 
Unix  and  push  the  use  of  Linux  in  enterprise  data  centers.  That’s  the 
main  reason  why  IBM  pulled  out  of  Project  Monterey  in  2000.  Project 
Monterey  was  an  undertaking  of  SCO,  IBM  and  Sequent  to  create  a  ver¬ 
sion  of  Unix  to  run  on  both  32-  and  64-bit  Intel  chips.  But  in  the  process 
of  working  on  that,  IBM  saw  the  trend  of  Linux  adoption  growing  and 
decided  to  focus  on  Linux  rather  than  spend  more  time  and  money 
enhancing  Unix.That  left  SCO  hanging.  In  the  following  years,  SCO  has 
seen  its  business  decline.  Since  CEO  Dari  McBride  took  over  last  year, 
SCO  has  focused  on  protecting  its  intellectual  property  which  some 
analysts  say  will  be  its  primary  business  focus  going  forward. 

Why  did  SCO  file  this  suit? 

Many  observers  say  this  is  a  last-gasp  effort  of  a  company  that  has 
watched  its  primary  business  decline.  But  others  say  SCO  has  every 
right  and  reason  to  protect  its  intellectual  property.  In  January, SCO  cre¬ 
ated  SCOSource,  a  division  focused  on  protecting  and  licensing  intel¬ 
lectual  property.Two  licensing  deals  in  its  second  quarter  provided  SCO 
with  $8.8  million  and  its  first-ever  net  income. The  company  reported 
net  income  of  $4.5  million  for  the  second  quarter  on  revenue  of  $21.4 
million,  compared  with  a  net  loss  of  $6.6  million  on  revenue  of  $15.5 
million  during  the  same  quarter  a  year  ago. 

Who  owns  Unix? 

That’s  a  somewhat  tricky  question.  SCO  bought  the  rights  to  license 
Unix  from  Novell  in  1994,  a  year  after  Novell  purchased  Unix  System 
Laboratories,  AT&T’s  wholly  owned  subsidiary  responsible  for  Unix 
System  V  At  the  same  time,  Novell  transferred  the  Unix  trademark  to  The 
Open  Group  (then  known  as  X/Open  Company).  The  Open  Group  is 
responsible  for  certifying  that  Unix  products  conform  to  the  Single  Unix 
Specification,  regardless  of  vendor.  SCO  says  it  owns  Unix  copyrights 
and  patents.  However,  SCO’s  claims  against  IBM  do  not  include  copy¬ 
right  or  patent  violations,  rather  breach  of  contract. 

—  Deni  Connor  and  Jennifer  Mears 


■  Editor  in  chief  John  Dix  says  SCO  appears  to  be  oversimplify¬ 
ing  the  market  and  ignoring  case  history.  But  no  matter  how  it 
comes  out  the  open  source  community  suffers.  PAGE  58. 
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Server  blades  engineered  to  work 
across  complex  computing  environments. 


HP  ProLiant  server  blades,  powered  by  Intel®  Xeon™  processors,  are  designed  to  support  a  variety  of  robust  enterprise 
solutions,  including  SANs.  It  is  not  difficult  to  appreciate  the  architectural  excellence  of  the  new  HP  ProLiant  BL40p  and  BL20p  G2  server  blades 
They're  the  most  powerful,  flexible,  industry-standard  blades  for  business  today.  In  addition  to  meeting  your  company's  expanding  needs  for  server  capacity, 
they're  designed  with  SAN  connectivity  to  support  sophisticated  storage  environments  —  easily,  reliably  and  affordably.  Combined  with  HP  ProLiant  Essentials 
software,  they  can  dramatically  reduce  deployment  time  and  help  maximize  productivity.  Which  means,  of  course,  your  business  saves  money.  Demand  more 
from  your  IT  systems.  Integrate  HP  ProLiant  server  blades  into  your  environment.  And  carry  your  business  to  a  stronger,  more  cost-effective  place. 
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I  HP  ProLiant  BL20p  G2 

I  Up  to  two  Intel®  Xeon™  processors  DP  3.06  GHz 

1^  Available  with  three  10/100/1000  NICs  and 
one  management  NIC  plus  dual  2Gb  fibre 
channel  mezzanine  card 

-  Up  to  8GB  DDR  memory 

!  Optional  Rapid  Deployment  Pack 
I  software  allows  for  quick  multi-server  deployment 


Complements  ProLiant 
server  blades 


HP  MODULAR  SAN 
ARRAY  1000 


ProLiant  servers  and  the  MSA  1000 
have  been  engineered  to  work 
better  together.  To  safely  migrate 
data  in  a  SAN  environment,  simply 
remove  ProLiant  drives  and  insert 
them  into  the  MSA1000. 


■HHMEffiH 


invent 


Demand  more  with  HP  ProLiant  server  blades.  Download  IDC's  white  paper,  ''Enabling  Business 
Server  Blade  Technology"  at  www.hp.com/go/proliant60  or  dial  1-877-865-1161  and  mention  c 


Intel,  Intel  Inside,  the  Intel  Inside  Logo  and  Intel  Xeon  are  trademarks  or  registered  trademarks  of  Intel  Corporation  or  its  subsidiaries  in  the  United  States  and  other  countries.  ©2003  Hewlett-Packard  Development  Company,  L.P 
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Verizon,  unions  seek  accord  as  strike  date  looms 


■  BY  JIM  DUFFY  a  crippling  strike.  America  (CWA)  and  the  International 

The  regional  Bell  operating  company  Brotherhood  of  Electrical  Workers  (IBEW) 
Verizon  last  week  began  contract  negoti-  entered  into  collective  bargaining  talks  to  reach  an  agreement  on  contracts  for 

ations  with  two  unions  in  an  effort  to  avert  with  the  Communications  Workers  of  some  75,000  employees.  The  current  con- 
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tracts  expire  at  midnight  Aug.  2. 

A  strike,  observers  say,  would  affect  Veri¬ 
zon’s  deployment  of  equipment, potentially 
its  ability  to  deliver  services,  and  the  overall 
economy  The  RBOC  says  it  would  spend 
between  $13  billion  and  $15  billion  on 
equipment  and  related  materials  this  year, 
but  so  far  has  spent  less  than  20%  of  that, 
according  to  industry  reports. 

Verizon  is  looking  for  employees  to  pick 
up  a  larger  share  of  their  medical  benefits 
and  to  reduce  absenteeism.  Currently,  em¬ 
ployees  pay  about  5%  of  their  healthcare, 
while  the  average  in  corporate  America  is 
26%  to  27%,  according  to  Verizon. 

“They  do  not  pay  a  premium,  which  is 
unheard  of,”  a  spokesman  said.  “There  are 
probably  40  different  resolutions  to  this.” 

The  absentee  rate  is  6%,  “about  twice  the 
norm,” according  to  the  spokesman.  Absen¬ 
teeism  costs  Verizon  $600  million  per  year, 
while  health  benefits  for  the  75,000  em¬ 
ployees  costs  $  1  billion  per  year  and  are  ris¬ 
ing  12%  annually  he  says. 

However,  the  unions  are  looking  to  keep 
the  current  contract  language  while  seek¬ 
ing  improvements,  says  Jerry  Leary,  vice 
president  of  IBEW  Local  2222. 

“We  want  to  strengthen  job  security,  gain 
better  medical  benefits,”  Leary  says. “At  this 
point  we’re  miles  apart,  but  you  would 
expect  that  as  negotiations  open.” 

The  CWA  also  reportedly  is  hinging  suc¬ 
cessful  negotiations  on  its  ability  to  orga¬ 
nize  Verizon  Wireless,  but  Verizon  says  pre¬ 
vious  attempts  to  unionize  have  been 
unsuccessful  over  the  years.  Also,  an  exist¬ 
ing  agreement  between  Verizon  Wireless 
and  the  union  over  how  the  wireless  oper¬ 
ation  can  be  organized  does  not  expire 
until  2004, Verizon  says. 

“I’m  not  sure  why  this  should  be  the 
major  issue,”  the  RBOG’s  spokesman  says. 
“The  focus  should  be  on  the  75,000 
employees  whose  contract  is  expiring.” 

The  CWA  did  not  return  calls  seeking 
comment. 

Although  negotiations  just  began  and  the 
contract  does  not  expire  for  another  six 
weeks,  Leary  says  the  unions  are  “more  pre¬ 
pared  than  ever”  for  a  work  stoppage. "But 
we  hope  it  doesn’t  come  to  that,”  he  says. 

Others  expect  the  worst. 

“We  think  a  large-scale  strike  is  likely  this 
summer’’ Goldman  Sachs  analysts  Brantley 
Thompson  and  Christopher  Fine  wrote  in  a 
recent  report.“Verizon  may  seek  to  acceler¬ 
ate  installs  before  the  strike  —  thus,  the 
flow  of  capital  spending  from  Verizon  over 
the  next  two  to  three  quarters  should  be 
interpreted  in  light  of  labor  conditions.  A 
short-term  uptick  will  not  constitute  a 
trend,  nor  will  a  strike-driven  downtick." 

The  last  strike  at  Verizon  was  a  three- 
week,  88,000-employee  work  stoppage  in 
2000.  In  1989,  when  the  RBOC  was  known 
as  NYNEX, 62,000  employees  walked  off  the 
job,  slowing  telecom  services  for  100  days 
in  what  was  one  of  the  nation’s  most  dis¬ 
ruptive  strikes.  It  resulted  in  the  CWA  win¬ 
ning  most  of  its  concessions.  ■ 
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If  bandwidth  were  the  only  issue,  LAN-based  IP  telephony  networks  would  have  been  deployed  years  ago.  But  other 
elements,  such  as  bandwidth  hungry  business  applications,  advancements  in  telephone  technology,  and  network 
congestion  have  been  the  major  stumbling  blocks.  Most  of  those  issues  have  been  resolved  with  newer  VoIP  technology, 
QoS,  and  the  use  of  bandwidth  managers  or  complex  queuing  schemes  deployed  on  the  LAN  and  WAN. 

Voice  Quality 

Over  the  years  voice  quality  has  been  very  subjective:  picking  up  the  phone  and  listening  to  the  quality  of  the  voice.  If 
you  had  two  different  users  on  the  same  call  you  may  even  receive  reports  of  varying  results.  After  years  of  research, 
human  behavioral  patterns  have  been  recorded  and  scored,  establishing  an  objective  measurement  of  call  quality. 

The  leading  subjective  measurement  of  voice  quality  is  the  Mean  Opinion  Score  (MOS)  as  defined  in  the  International 
Telecommunications  Union  (ITU)  recommendation  P.800.  Mapping  between  network  characteristics  and  quality  score 
make  MOS  valuable  for  doing  network  assessments  and  tuning. 

A  MOS  score  can  range  from  5  (very  satisfied)  to  1  (not  recommended),  but  keep  in  mind  that  each  voice  codec  has  a 
benchmark  score  based  on  several  factors,  including  packetization  delay  and  the  inherent  degradation  that  occurs  when 
converting  the  voice  to  a  digital  signal.  The  highest  MOS  rating  any  codec  could  receive  is  4.5.  Each  codec  is  given  a 
MOS  value  based  on  any  known  impairments  for  the  speed  of  the  conversion,  speech  quality,  and  data  loss  characteristics. 
Below  is  a  listing  of  the  most  common  codecs  used  today  for  VoIP  and  their  theoretical  maximum  MOS  value. 


Codec 

Default  data  rate 

Time  between  packets 

Packetization  delay 

Default  jitter  buffer  delay 

Theoretical  maximum 
MOS 

G.71 1 u 

64  kbps 

20  ms 

1 .5  ms 

2  datagrams  (40  ms) 

4.4 

G.71 1  a 

64  kbps 

20  ms 

1 .5  ms 

2  datagrams  (40  ms) 

4.4 

G.729 

8  kbps 

20  ms 

1 5.0  ms 

2  datagrams  (40  ms) 

4.07 

G. 723.1  MPMLQ 

6.3  kbps 

30  ms 

37.5  ms 

2  datagrams  (60  ms) 

3.87 

G.723.1  ACELP 

5.3  kbps 

30  ms 

37.5  ms 

2  datagrams  (60  ms) 

3.69 

Source:  Voice  Over  IP,  2nd  edition 

Each  network  will  have  a  different  MOS  value  based  on  QoS,  delay  and  codec  that  is  deployed  in  the  IP  network. 
When  deploying  an  IP  telephony  network  the  goal  is  to  get  the  network  to  support  the  maximum  MOS  value  and  to 
achieve  the  best  quality  for  voice  traffic.  All  MOS  values  above  4.0  are  considered  to  be  toll  quality  speech. 

Converting  Voice  into  Data  Packets 

Digital  signal  processors  (DSP)  -  the  engines  for  voice  coders  -  are  making  their  way  into  IP  telephony  systems.  The  DSP 
is  a  specialized  processor  that  has  been  in  use  for  many  years  in  other  telephone  applications  such  as  mobile  wireless 
networks.  The  DSP  needs  to  be  very  fast  due  to  the  computation  intensive  operations  required  to  process  a  typical 
telephone  call.  In  essence,  the  DSP  is  what  converts  analog  voice  signal  into  data  packets  so  they  can  be  transported 
over  an  IP-based  network. 

In  this  document,  DSP  refers  to  the  combined  efforts  of  DSPs  and  codecs  to  perform  the  conversion  of  analog  and  digital 
signals  into  IP  communication  flows.  DSP  works  by  clarifying  or  standardizing  the  levels  or  states  of  a  digital  signal.  A  DSP 
circuit  is  able  to  differentiate  between  human-made  signals,  which  are  orderly,  and  noise,  which  is  inherently  chaotic. 
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Typically,  the  voice-coding  algorithm  used  for  an  IP  telephony  or  VoIP  network  in  a  LAN  environment  is  G.71  1,  which 
divides  a  voice  stream  up  into  64  Kbps  packet  increments.  It  is  regarded  as  toll  quality.  Some  of  the  other  more  widely 
available  voice  coding  algorithms/compressors  on  the  market  are  the  G.729a  and  G.723  codecs.  The  G.7 29a  and 
G.723  codecs  are  normally  used  for  WAN  connections  where  bandwidth  is  at  a  premium  and  voice  compression  is  a 
requirement.  The  majority  of  vendors  who  support  IP  telephony  recommend  the  G.729a  codec  due  to  its  superior  quality 
over  G.723,  making  it  the  de  facto  standard  for  WAN  connections  running  IP  telephony. 

The  chart  below  shows  the  bandwidth  calculation  for  each  codec. 

Voice  coder 

Voice 

bandwidth 

Kbps 

MOS 

Codec  delay 

Packet  size 
(bytes) 

IP/UDP/RTP 

headers 

(bytes) 

cRTP 

L2  header 
(bytes) 

Total  BW 

BW  with  silent 
suppression 

Ethernet 

G.71  1 

64 

4.1 

1.5 

160 

40 

14 

85.6 

42.8 

G.71 1 

64 

4.1 

1.5 

160 

2 

14 

70.4 

35.2 

G.729 

8 

3.9 

15 

10 

40 

14 

29.6 

14.8 

G.729 

8 

3.9 

15 

10 

2 

14 

14.4 

7.2 

PPP 

G.71 1 

64 

4.1 

1.5 

160 

40 

6 

82.4 

41.2 

G.71 1 

64 

4.1 

1.5 

160 

2 

6 

67.2 

33.6 

G.729 

8 

3.9 

15 

10 

40 

6 

26.4 

13.2 

G.729 

8 

3.9 

15 

10 

2 

6 

1  1.2 

5.6 

G.723 

6.3 

3.9 

37.5 

30 

40 

6 

16 

8 

G.723 

6.3 

3.9 

37.5 

30 

2 

6 

8 

4 

Frame  Relay 

G.71 1 

64 

4.1 

1.5 

160 

40 

4 

81.6 

40.8 

G.71 1 

64 

4.1 

1.5 

160 

2 

4 

66.4 

33.2 

G.729 

8 

3.9 

15 

10 

40 

4 

19.7 

9.9 

G.729 

8 

3.9 

15 

10 

2 

4 

9.6 

4.8 

G.723 

6.3 

3.9 

37.5 

30 

40 

4 

15.5 

7.8 

G.723 

6.3 

3.9 

37.5 

3° 

2 

4 

7.6 

3.8 

ATM 

G.71 1 

64 

4.1 

1.5 

160 

40 

5  cells 

106 

53 

G.71 1 

64 

4.1 

1.5 

160 

2 

4  cells 

4 

42.4 

G.729 

8 

3.9 

15 

10 

40 

2  cells 

2.3 

14.1 

G.729 

8 

3.9 

15 

10 

2 

1  cell 

14.1 

7.1 

G.723 

6.3 

3.9 

37.5 

30 

40 

4 

22.3 

11.1 

G.723 

6.3 

3.9 

37.5 

30 

2 

4 

11.1 

5.6 

Table  1  -  Bandwidth  calculation  by  voice  code 
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Buffering  and  Error  Checking 

Due  to  the  bursty  nature  of  business  applications,  data  networks  have  large  buffers  built  into  them  to  sustain  large  bursts 
of  traffic  over  a  short  period  of  time. 

Large  buffers  in  a  voice  network  will  only  increase  the  delay  of  time  sensitive  traffic  and  cause  poor  call  quality.  Voice  is 
very  similar  to  constant  bit  rate  (CBR)  traffic  -  it  requires  a  predictable,  reliable  throughput. 

The  majority  of  the  LAN  protocols  used  to  transport  data  traffic  include  end-to-end  error  checking.  So,  if  a  packet  is  delayed 
or  lost,  the  originating  station  will  retransmit  a  copy  of  the  frame.  The  end  station  will  wait  for  the  acknowledgement,  then 
reassemble  the  packet  stream  and  pass  it  on  to  the  application.  This  is  usually  transparent  to  the  user. 

Voice  transmissions  on  the  other  hand  are  very  time  sensitive.  The  originating  station  does  not  copy  the  transmitted 
frame  into  a  buffer,  since  it  would  only  increase  the  delay  and  degrade  quality.  With  voice,  if  you  lose  a  frame,  it  is 
lost.  Both  error  and  frame  sequence  checking  is  done  at  the  upper  level  of  the  Real  Time  Protocol  (RTP),  but  due  to  the 
time  sensitive  nature  of  the  voice  stream,  if  the  frame  is  out  of  sequence  if  will  be  discarded  and  the  next  frame  will  be 
processed,  thus  affecting  the  quality  of  the  call. 

The  majority  of  voice  codecs  can  support  minor  frame  loss,  but  the  conversation  will  be  choppy  and  of  poor  quality. 
Some  of  the  IP  telephony  equipment  manufacturers  have  tried  to  compensate  for  poor  line  quality  by  playing  the 
preceding  voice  frame  a  second  time,  but  this  does  not  resolve  the  issue,  it  only  makes  it  tolerable.  This  is  why  it  is  so 
important  to  understand  the  inherent  behavior  of  voice  running  on  a  data  network  and  the  additional  requirements  like 
QoS  and  predictive  delay  that  a  network  must  meet. 

IP  Telephony/VolP  Audit 

An  IP  telephony/VolP  audit  should  be  performed  for  every  proposed  LAN/WAN  segment  prior  to  the  addition  of  IP 
telephony  traffic.  The  key  to  designing  an  IP  telephony  network  is  an  understanding  of  the  underlying  technology  used 
to  transport  the  IP  telephony  traffic.  The  design  principles  used  to  deploy  a  successful  LAN  based  VoIP  network  will  not 
necessarily  work  when  you  apply  them  to  a  WAN  configuration,  due  to  a  number  of  factors  including  limited 
bandwidth.  QoS  and  traffic  isolation  are  the  key  factors  for  the  LAN,  but  bandwidth,  priority  and  delay  are  important  to 
the  WAN.  This  can  make  a  significant  impact  on  the  installation. 

The  most  common  cause  for  poor  voice  quality  during  a  VoIP  installation  is  inadequate  WAN  bandwidth  to  support  both 
voice  and  data  traffic.  If  an  audit  was  performed  prior  to  the  installation,  corrective  action  could  have  been  taken  to 
resolve  the  issue  prior  to  deployment. 

In  some  cases,  a  poorly  designed  WAN  can  be  fixed  by  lowering  the  delay  with  fewer  router  hops,  setting  up  QoS  on 
the  routers  or  increasing  the  amount  of  available  bandwidth  prior  to  the  installation  of  voice.  In  other  cases  the  solution 
may  be  too  expensive  or  too  complex  and  other  products  like  bandwidth  managers  must  be  deployed  prior  to  the 
addition  of  voice. 

Bandwidth  Management 

If  the  MOS  value  is  not  in  an  acceptable  range  after  completing  the  IP  audit  and  tweaking  the  installed  vendor's 
suggested  parameters,  a  bandwidth  manager  may  be  needed  for  a  successful  installation.  Bandwidth  managers  allow 
the  end  user  to  define  how  much  bandwidth  is  going  to  be  used  by  each  application  and  guarantee  what  percentage 
of  the  WAN  bandwidth  is  going  to  be  used  by  voice  applications. 
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What  is  QoS  and  Why  is  QoS  Needed? 

Voice  quality  is  directly  affected  by  many  factors  that  can  be  divided  into  five  QoS  dimensions  that  impact  the  end  user 
experience: 

1)  Availability 

2)  Throughput  (both  committed  and  burst) 

3)  Delay  or  latency 

4)  Delay  variation,  including  jitter  and  wander 

5)  Packet  loss 

Availability 

Availability  is  the  percentage  of  time  that  the  network  is  up.  The  traditional  benchmark  for  a  voice  network  is  99.999% 
("five  9s"),  or  about  5.25  minutes  of  downtime  per  year.  Availability  is  achieved  through  a  combination  of  equipment 
reliability  and  network  survivability.  Availability  is  a  probability  calculation,  so  it  is  not  simply  calculated  by  summing 
the  MTBF  figures. 

Throughput 

Throughput  is  the  amount  of  traffic  -  or  bandwidth  -  delivered  over  a  given  period  of  time.  Generally  speaking  in  the 
LAN  environment,  more  throughput  is  better. 

For  the  majority  of  WAN  users,  throughput  depends  on  the  amount  of  money  paid  to  lease  carrier  facilities.  So 
efficiency,  compression,  and  bandwidth  management  play  key  roles  in  designing  an  IP  telephony  network. 

Delay 

Delay  or  latency  is  the  average  transit  time  of  a  service  from  the  ingress  to  the  egress  point  of  the  network.  Many 
services  -  especially  real-time  services  such  as  voice  communications  -  are  highly  intolerant  of  excessive  or  unnecessary 
delay.  Interactive  conversation  becomes  very  cumbersome  when  delay  exceeds  100-150  ms,  when  it  exceeds  200  ms 
users  find  it  disturbing  and  describe  the  voice  quality  as  poor.  To  provide  high  quality  voice,  the  VoIP  network  must  be 
capable  of  guaranteeing  low  latency.  The  ITU-T  G.l  14  recommendation  limits  the  maximum  acceptable  round  trip  delay 
time  to  300  ms  between  the  two  VoIP  gateways  (150  ms  one-way  delay). 

There  are  many  components  of  delay  in  a  network  that  must  be  understood,  including  packetization  delay,  queuing 
delay,  and  propagation  delay. 

•  Packetization  Delay  is  the  amount  of  time  it  takes  the  codec  to  complete  the  analog  to  digital  conversion.  Realize 
that  IP  telephony/VolP  always  creates  some  measure  of  delay,  as  the  algorithm  specifies  to  "listen"  or  sample  the 
voice  for  a  specified  period,  followed  by  packetization. 

•  Propagation  Delay  is  the  amount  of  time  it  takes  information  to  traverse  a  copper,  fiber,  or  wireless  link.  It  is  also  a 
function  of  the  speed  of  light,  the  universal  constant,  and  the  signaling  speed  of  the  physical  medium.  For  example,  if 
a  call  has  to  pass  through  a  transit  node  more  delay  is  introduced. 

•  Queuing  Delay  is  imposed  on  a  packet  at  congestion  points  when  it  waits  for  its  turn  to  be  processed  while  other 
packets  are  sent  through  a  switch  or  wire.  For  example,  as  previously  stated  ATM  mitigated  queuing  delay  by 
chopping  packets  into  small  pieces,  packing  them  into  cells,  and  putting  them  into  absolute  priority  queues.  Because 
the  cells  are  small,  the  highest  priority  queue  can  be  serviced  more  often,  reducing  the  wait  time  for  packets  in  this 
queue  to  deterministic  levels.  At  gigabit  speeds,  however,  the  waiting  time  for  high-priority  traffic  is  very  small  even 
under  the  worst  conditions,  due  to  the  speed  of  the  links  and  available  processing  power. 
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Delay  Variation 

Delay  variation  is  the  difference  in  delay  exhibited  by  different  packets  that  are  part  of  the  same  traffic  flow.  High- 
frequency  delay  variation  is  known  as  jitter,  while  low-frequency  delay  variation  is  called  wander.  Jitter  is  caused 
primarily  by  differences  in  queue  wait  times  for  consecutive  packets  in  a  flow,  and  is  the  most  significant  issue  for  QoS. 
Certain  traffic  types — especially  real-time  traffic  such  as  voice,  are  very  intolerant  of  jitter.  Differences  in  packet  arrival 
times  cause  choppiness  in  the  voice.  All  transport  systems  exhibit  some  jitter.  As  long  as  jitter  falls  within  defined 
tolerances,  it  does  not  impact  service  quality. 

Excessive  jitter  can  be  overcome  by  buffering,  but  this  increases  delay,  which  can  cause  other  problems.  With  intelligent 
discard  mechanisms,  IP  telephony/VolP  systems  will  try  to  synchronize  a  communication  flow  by  selective  packet 
discard,  in  an  effort  to  avoid  the  "walkie-talkie"  phenomenon  caused  when  two  sides  of  a  conversation  have  significant 
latency.  Jitter  must  be  less  than  60ms  (60ms  =  average  quality,  20ms  =  toll  quality). 

Packet  Loss 

Loss  -  either  bit  errors  or  packet  drops  -  has  a  bigger  impact  on  IP  telephony/VolP  services  than  on  data  services. 
During  a  voice  transmission,  loss  of  multiple  bits  or  packets  of  stream  may  cause  an  audible  pop  that  will  become 
annoying  to  the  user.  In  a  data  transmission,  loss  of  a  single  bit  or  multiple  packets  of  information  is  almost  never 
noticed  by  users.  In  contrast,  during  a  video  broadcast,  consecutive  packet  loss  may  cause  a  momentary  glitch  on  the 
screen,  but  the  video  then  proceeds  as  before.  However,  if  packet  drops  become  epidemic,  then  the  quality  of  all 
transmissions  degrades.  Packet  loss  rate  must  be  less  than  5%  for  minimum  quality  and  less  than  1%  for  toll  quality. 

Class  of  Service 

The  main  objective  of  Resource  Reservation  Protocol  (RSVP)  is  to  guarantee  end-to-end  QoS  throughout  the  network  by 
reserving  bandwidth  unicast  and  multicast  applications  on  an  individual  flow  basis. 

Differentiated  Services  (DiffServ)  is  designed  to  group  all  flows  with  the  same  service  requirement  into  a  single 
aggregate.  For  example:  RSVP  would  reserve  bandwidth  for  a  single  VoIP  call,  while  DiffServ  would  group  all  VoIP 
traffic  together  in  the  same  flow.  This  aggregated  flow  would  then  receive  its  class  of  service  based  on  the  application 
priority. 

When  a  QoS  mechanism  like  DiffServ  is  enabled,  it  will  provide  complete  flexibility  in  defining  service  classes  that  can 
be  provisioned  in  a  converged  voice  and  data  network.  This  means  that  the  network  management  system  provides 
access  to  the  mechanisms  that  allow  the  end  user  to  create  customized  service  classes  for  each  application. 

Most  networks  are  deployed  with  some  level  of  QoS  at  layer  3  that  supports  the  following  classes  of  service: 

•  Expedited  forwarding  (EF)  for  control  frames  like  RTCP 

•  Assured  forwarding  (AF)  for  VoIP  traffic 

•  Best  Effort  (BE)  for  all  other  data  traffic 

It  is  possible  to  map  different  QoS  parameters  to  one  another  (i.e.,  802. Ip  to  ToS  or  ToS  to  DiffServ)  to  enable  the 
network  designer  to  provision  an  "end-to-end"  class  of  service  for  voice,  video  and  data  traffic. 

Deploying  IP  Telephony  in  a  Converged  Alcatel  Network 

Today's  business  depends  on  scalable  network  communications  that  allow  future  expansion  of  business  options  and 
facilities.  The  groundbreaking  OmniSwitch  family  (6600  series,  7000  series,  and  the  8800)  and  OmniPCX  Enterprise 
voice  products  target  that  future  networking  and  business  solution.  The  OmniSwitch  family  series  is  a  new  line  of  data 
infrastructure  switches  that  spans  the  core,  edge,  and  desktop  of  networking.  The  design  combines  Alcatel's  experience 
and  expertise  building  carrier  and  enterprise  network  equipment  with  all  of  the  company's  cutting-edge  convergence 
technologies. 
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e-Business  solutions  must  provide  availability,  security,  intelligence,  and  manageability.  These  values  are  both  essential  to 
successful  modern  business  and  fundamental  to  appropriate  new  technology. 

The  OmniSwitch  family  offers  carrier-class  availability  throughout  all  networking  components  to  deliver  the  infrastructure 
mandatory  for  IP  telephony  and  mission-critical  applications.  A  multi-layered  approach  to  security  is  offered,  securing 
traffic  to,  through  and  between  switch  nodes,  preventing  unauthorized  access  to  business  traffic  and  ensuring  privacy. 
Intelligence  mandates  that  all  switching  decisions  are  distributed  and  performed  at  wire-rate.  Alcatel's  implementation  is 
wire-rate  into,  through  the  backplane,  and  out  all  network  interfaces  without  performance  bottlenecks.  Manageability 
involves  both  networking  and  management  system  features.  OneTouch  QoS  means  that  complex  QoS  policies  are 
implemented  consistently  with  a  simple  point-and-click  interface. 

Deploying  IP  Telephony  and  VoIP  in  a  Multi-Vendor  Environment 

Even  though  IP  telephony  and  VoIP  technology  have  made  some  vast  reliability  and  quality  improvements  over  the  past 
couple  of  years,  customers  and  network  designers  still  struggle  with  implementing  the  technology  in  a  multi-vendor 
network.  There  are  many  reasons  for  this  such  as:  inter-operability  issues,  proprietary  protocols,  and  just  plain  old  finger 
pointing.  Please  check  with  the  manufacture  of  your  installed  equipment  for  their  recommendations  on  how  to  design 
and  deploy  an  IP  telephony  or  VoIP  network  in  a  multi-vendor  setting. 

Design  Recommendations 

One  of  the  most  important  recommendations  that  can  be  made  is  to  pay  close  attention  to  the  infrastructure  that  the  VoIP 
network  is  built  on.  The  foundation  must  be  solid  otherwise  there  will  be  ongoing  quality  issues  until  the  network  design 
issues  are  resolved.  The  more  time  spent  upfront  investigating  and  verifying  the  design  of  the  LAN  and/or  WAN  will 
make  a  more  successful  ending.  Verification  is  critical,  and  although  it  may  seem  reasonable  to  believe  that  the 
"network  is  new  and  should  support  QoS"  it's  important  to  check.  In  some  cases,  like  running  VoIP  over  a  WAN,  an 
audit  is  a  must.  For  example,  the  total  end-to-end  delay  to  support  a  quality  voice  conversation  must  not  exceed  200  ms 
and  can  only  be  verified  by  an  IP  audit.  Remember,  the  longer  the  delay  the  worse  the  quality. 

After  a  VoIP  audit  is  preformed  the  designer  must  engineer  the  network  to  support  the  worst-case  scenario,  even  if  it 
happens  only  1  %  of  the  time.  Engineering  the  network  for  peaks  not  averages  maintains  the  highest  quality  of  voice 
traffic  while  the  network  is  performing  at  its  maximum  potential. 

When  designing  a  VoIP  WAN,  the  designer  is  required  to  calculate  the  amount  of  available  bandwidth  for  all 
applications  required  to  transit  the  link.  In  most  cases  the  link  traffic  is  miss-calculated  or  the  IP  audit  is  not  performed 
prior  to  the  installation  and  the  quality  of  the  VoIP  calls  suffer.  As  previously  sated,  a  good  rule  of  thumb  for  a  WAN  link 
is  to  keep  at  least  25  %  of  the  bandwidth  available  for  routing  table  and  administrative  updates. 

As  in  most  architecture's,  the  more  redundancy  and  availability  options  designed  into  the  network  the  better  the  odds 
are  for  a  successful  installation.  The  designer  must  also  understand  that  engineering  all  of  the  redundancy  options 
available  into  the  system  could  adversely  affect  the  performance  of  the  network.  For  example,  adding  IP  redundancy 
into  the  network  could  increase  the  jitter  because  the  VoIP  packets  might  take  multiple  paths  to  reach  the  end  point.  This 
is  not  a  major  concern,  but  it  must  be  evaluated  prior  to  deploying  the  VoIP  network. 

Redundancy  features  cost  real  money,  so  the  main  task  of  the  design  engineer  is  to  make  sure  the  product  meets  the 
customer's  requirements  and  at  the  same  time  keeps  the  proposal  price  competitive.  In  some  cases  this  could  be  the 
difference  between  winning  and  losing  the  opportunity. 

The  following  is  a  list  of  questions,  thoughts,  and  ideas  that  should  be  considered  and  reviewed  with 
customers/prospects  when  designing  a  VoIP  network.  It  is  unlikely  that  a  network  configuration  will  implement  every 
feature  on  this  list,  but  it's  a  good  checklist  to  review  prior  to  completing  the  final  design. 
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VoIP  Design  Guide  Check  List 

□  is  the  LAN  equipment  designed  to  support  99.999%  availability? 

•  Is  the  LAN  configured  with  the  following  redundancy  options? 

•  Management  modules 

•  Links 

•  Protocols  (i.e.,  Fast  Spanning  Tree) 

•  Power  supplies 

•  UPS  system  (in  the  event  of  a  power  outage)  in  the  wiring  closet 

•  How  are  the  IP  phones  going  to  be  powered? 

•  Does  the  LAN  switch  support  in-line  power  (802. 3af)? 

Is  it  connected  to  a  UPS  system? 

Does  the  IP  phone  model  support  in-line  power? 

•  Is  an  external  power  patch  panel  required? 

Is  it  connected  to  a  UPS  system? 

•  Are  you  using  local  power? 

Is  it  connected  to  a  UPS  system? 

What  is  the  ratio  of  IP  phones  with  UPS  to  IP  phones  without  UPS? 

Are  digital/analog  terminals  intermixed  with  the  IP  phones  in  geographic  layout  to  provide  for  "emergency 
dialing"  in  the  event  of  power  or  network  outages? 

•  Is  the  PBX  configured  with  the  following  redundancy  options? 

•  Management  modules 

•  Redundant  IP  modules 

•  Are  the  VoIP  links  connected  to  multiple  LAN  switches? 

•  Is  the  switch  configured  to  support  battery  back-up  power? 

•  Is  there  a  back-up  signaling  path  configured  for  all  networked  sites? 

□  Does  the  installed  LAN  equipment  support  QoS? 

•  Do  you  know  the  speed  and  performance  of  the  installed  equipment? 

•  Manufacture 

•  Product  type 

•  Link  speeds  and  WAN  protocols 

•  Routing  Protocols 

•  What  is  the  QoS  design  strategy? 

•  802.1  p/Q 

•  DiffServ 

•  Is  the  priority  set  and  respected  on  every  LAN  switch  in  the  network? 

•  ToS  (type  of  service)  or  CoS  (class  of  service)  for  the  WAN 

•  Do  you  have  a  current  local  area  network  diagram?  This  is  a  must. 

•  When  was  the  network  diagram  last  updated?  If  it's  older  then  45  days,  ask  for  an  up  to  date  diagram. 

•  Has  the  cable  plant  been  verified  to  support  100  Mbps  Ethernet?  (i.e.,  Cat  5  cable) 
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□  Isolation 

•  Do  you  have  an  isolated  VLAN  configured  just  for  VoIP  phones? 

•  Has  the  excess  broadcast  traffic  been  removed  from  VoIP  VLAN 

•  Is  IP  multicast  support  enabled  on  the  LAN? 

□  Does  the  installed  WAN  support  QoS? 

•  Do  you  have  a  current  wide  area  network  diagram?  This  is  a  must. 

•  Has  the  packet  forwarding  latency  and  jitter  been  verified  not  exceed  the  maximum  tolerance  of  the  200  ms.  An  IP 
audit  is  a  requirement  for  all  WAN  connections. 

•  Is  guaranteed  bandwidth,  packet  forwarding  rate  and  capacity  specified  for  all  WAN  links?  A  good  rule  of  thumb 
is  to  have  a  25%  available  for  overhead  and  routing  table  updates.  Please  refer  to  Table  1  for  the  bandwidth 
required  for  each  codec. 

•  Let's  look  at  a  simple  calculation  using  the  25%  rule,  using  a  T 1  ( 1 .536  Mbps)  as  the  line  speed. 

•  1 .536  Mbps  -  25%  =  1 .152  Mbps,  so  this  means  that  both  voice  and  data  must  share  the  available 
bandwidth. 

•  Is  a  bandwidth  manager  required? 
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ARCHITECTS  OF  AN  INTERNET  WORLD 


■  OPERATING  SYSTEMS  ■  NETWORKED  STORAGE 

■  VOIP  ■  WIRELESS  NETWORKS 


VoIP  brings  change  to  the  channel 

Traditional  telecom,  datacom  gear  and  service  providers  cope  with  convergence. 


■  BY  PHIL  HOCHMUTH 

CarrAmerica  Realty  faced  some  tough 
decisions  when  picking  an  IP  telephony 
platform  to  replace  its  nationwide  PBX 
infrastructure.  But  the  harder  choice  was 
deciding  on  whom  to  partner  with  to  in- 


■  Nortel  last  week  announced  an 
interactive  voice  response  server  that 
could  help  midsize  firms  deploy  self- 
service  customer  service.  The  Media 
Processing  Server  500  would  let 
customers  access  information,  place 
orders  or  make  changes  to  records 
through  speech  commands  over  the 
phone.  The  server  would  sit  in  front  of 
a  call  center  PBX  or  automatic  call 
distributor  and  tie  into  back-end  CRM 
systems  or  other  databases.  Callers 
would  maneuver  through  voice 
prompts  and  menus  with  speech 
commands,  instead  of  dial- pad  but¬ 
tons.  The  MPS  500  is  a  smaller  cousin 
of  Nortel’s  MPS  1000  for  large  data 
centers  and  service  providers.  The 
platform  works  with  Nortel  PBXs  and 
automatic  call  distributors,  and  non- 
Nortel  telephony  gear.  The  MPS  500 
will  be  available  in  September,  Nortel 
says.  Pricing  has  not  been  released. 

■  Avail  Solutions  last  week  rolled 
out  the  latest  version  of  its  back-up 
and  recovery  software.  Integrity 
1.45,  which  works  with  disk  or  tape 
back-up  methodologies,  now  sup¬ 
ports  adaptive  file  transmission, 
automatic  file  grooming  and  support 
for  FreeBSD  servers.  It  automatically 
determines  the  best  data-transmis- 
sion  protocol  to  use  when  backing  up 
data,  thus  improving  back-up  speeds. 
Data  grooming  occurs  offline  and 
lets  data  be  backed  up  to  a  storage 
device  and  then  moved  or  copied  to 
other  devices  for  archival  purposes. 
Integrity  1.4.5  is  priced  starting  at 
$850  and  works  with  Window,  Solaris 
and  Linux  networks. 


stall  and  configure  the  convergence  gear. 

The  company  decided  on  Expanets,  a 
reseller  and  integrator  of  Avaya  and  Cisco 
voice  and  data  gear.The  fact  that  Expanets 
had  installed  CarrAmerica’s  old  Avaya  IP 
PBXs  and  had  an  extensive  background  in 
voice  was  key  says  Barry  Krell,  vice  presi¬ 
dent  and  director  of  engineering  at  the 
Washington,  D.C.,  company 

“It’s  been  a  huge  change  for  Expanets  to 
sell  something  other  than  Avaya  for  voice,” 
Krell  says.  And  while  his  firm  was  learning 
to  deal  with  the  transition  from  TDM  voice 
to  voice  over  IP  (VoIP),  in  many  cases  the 
Cisco-Avaya  channel  partner  supporting 
Krell  was  learning  with  him. 

As  more  businesses  look  to  conver¬ 
gence,  VoIP  technology  is  reshaping  how 
companies  buy  telecom  and  datacom 
gear  and  services  from  resellers,  and  forc¬ 
ing  these  middlemen  companies  to  re¬ 
group  and  reshape  themselves. 

Equipment  vendors  promote  the  pro¬ 
ductivity  gains  and  cost  reductions  of 
convergence,  but  it’s  the  channel  partners 
and  integrators  that  usually  deal  with 
companies  shopping  for  IP  telephony. And 


how  well  these  channel  partners  and 
value-added  resellers  (VAR)  can  handle 
the  convergence  shift  could  be  reflected 
in  how  smooth,  or  rough,  a  VoIP  installa¬ 
tion  can  go  in  a  company 

“For  the  telecom  resellers  and  the  data¬ 
com  guys,  VoIP  is  a  new  thing,  and  both 
are  having  their  struggles,”  says  Troy  Buck, 
senior  sales  manager  atTeldata  Enterprise 
Networks,  a  San  Diego  firm  that  resells 
Nortel  and  Toshiba  telecom  and  VoIP  gear 
to  enterprise  customers. 

“Many  telecom  channel  partners  know 
PBXs  and  key  systems,  but  they  don’t  have 
much  IP  experience  or  knowledge  about 
quality  of  service  and  routers,"  Buck  says. 
“They  come  from  the  background  of  tip 
and  ring  [nomenclature  for  telephony 
wiring]  and  not  the  world  of  IP  QoS  and 
routers.” 

From  the  data  VARs’ perspective,  selling 
IP  voice  has  some  different  challenges, 
says  John  Barker,  director  of  operations  at 
Versatile  Communications  in  Marlbor¬ 
ough,  Mass. 

Barker’s  firm,  a  traditional  Ethernet 
switch  and  router  integrator,  took  on  sell¬ 


ing  VoIP  products  and  installation  a  year 
ago,  and  the  transition  was  tough. 
Learning  the  new  technology  and  con¬ 
vincing  customers  to  choose  Versatile  was 
a  challenge  at  first. 

“It’s  a  chicken-and-egg  issue,”  Barker 
says.  “Last  year  we  had  a  good  data  cus¬ 
tomer  that  was  shopping  for  a  voice  sys¬ 
tem;  they  looked  into  what  we  offered  for 
Voipbut  they  were  wary  of  going  with  us 
because  we  were  so  new  to  the  technol¬ 
ogy  and  the  technology  itself  was  new” 

Telecom  experience  smoothes  VoIP  rollout 

Working  with  a  strong  TDM-voice  com¬ 
pany  to  install  VoIP  was  a  requirement  for 
CarrAmerica’s  Krell. 

Along  with  Cisco  engineers,  Expanets 
helped  Krell  do  some  things  that  a  data- 
com-only  VAR  might  not  have  been  able 
to,  such  as  splitting  T-l  connections  be¬ 
tween  the  Avaya  PBX  and  Cisco  Call- 
Manager, which  let  the  company  gradually 
migrate  from  TDM  to  IP  voice.  The  move 
also  allowed  more  time  for  system  testing 
and  training,  instead  of  a  one-day  cutover. 

See  VoIP,  page  20 


Cautious  users  cast  wary  eye  on  WLANs 


■  BY  TIM  GREENE 

WALTHAM,  MASS.  —  The  benefits  of 
wireless  LANs  intrigue  potential  users  and 
have  them  hopeful  about  the  technology 
despite  what  they  perceive  as  significant 
shortcomings. 

That  was  the  conclusion  of  a  panel  of 
corporate  IT  executives  who  recently 
spoke  about  enterprise  IT  strategies  at  a 
meeting  of  the  Massachusetts  Telecom¬ 
munication  Council. 

In  the  wireless  realm,  security  ranked 
tops  among  their  concerns,  but  managing 
802. 1 1  b  and  802. 1 1  g  wireless  spectrum  in 
urban  areas  and  hospitals,  and  the  restric¬ 
tions  of  proprietary  protocols  also  wor¬ 
ried  the  group. 

“We’re  going  to  populate  our  new  build¬ 
ing  with  a  wireless  LAN,” said  Bill  Rebello, 
director  of  infrastructure  and  support  for 
medical  response  provider  Lifeline  in 
Framingham,  Mass.  “We  put  a  few  in  the 
old  building  to  see  how  business  respond¬ 
ed  to  it.  Users  want  it.” 


Lifeline  is  evaluating  equipment  with  an 
eye  on  making  sure  data  traveling  over  the 
wireless  network  can’t  be  hacked.  A  sim¬ 
ple  test  of  the  technology  was  enough  to 
scare  away  Dianne  Mortenson,  MIS  direc¬ 
tor  for  the  Legal  Sea  Foods  restaurant 
chain.  She  set  up  a  small  test  LAN  at  the 
company’s  Boston  headquarters,  “and  I 
could  get  into  the  LAN  in  the  company 
across  the  street,”  she  said.  That  was 
enough  for  her  to  put  the  technology 
on  hold. 

While  wireless  access  in  the  restaurants 
might  increase  productivity  of  managers, 
she  said  she  has  to  be  convinced  it  would¬ 
n’t  present  a  potential  weak  spot  in  Legal’s 
network.  Legal  also  hasn’t  figured  out 
whether  it  would  be  good  business  to 
offer  wireless  Internet  access  to  cus¬ 
tomers  because  it  might  encourage  them 
to  linger  without  buying  more  food.“We’re 
not  a  coffee  shop,” she  said. 

Mortenson  also  said  that  the  proprietary 
nature  of  security  protocols  for  802. 1 1 
See  WLANs,  page  20 


Outsourcing:  Financiall/stal 
providers  that  offer  service- 
agreements  with  teeth.  ' 


Concerning  IT 

Wireless  wasn’t  the  only  con¬ 
cern  of  speakers  at  the  Mass¬ 
achusetts  Telecommunication 
Council  forum  on  enterprise  IT 
strategies.  Other  hot  topics 
included:  •  Ty  ; 

_ _ _ 

Spam:  A  service  that  will  deaf  wi 
the  problem  effectively.  '■'*&** 


Quick  ROI:  New  projects  get  approved-'; 
in  most  cases  only  if  they  have 
proven  shorter  paybacks.  . '  ’  : 


Well,  I  was  hoping  to  ”«  »“ 
suede  lacker  I  i»st  !«“• « >> ' 
„st  kind  of  keeping  my  lingers 
crossed  that  it  doesn’t  rain  today- 


guy  ha 


Greg  Brown,  33,  seen 

talking  freely  to  co-workers 

.  • 


after  deploying 


Nokia  Message  Protector 

,  a m  manaaina  a 


“l  used  to  spend  most  of 

kinds  of  different  emaU  system,” 

and  spam  rejec  •  at  a  recent 

a  beaming  Greg  t0  plug  holes 

,T  industry  gateways,  l coking  after 

between  our  ^  ^  scanning  technolo- 

Features  les>  trying  to  keep  them 

Automatic  updated  -  all 

Signature  ^te  impiementation  of 

Updates  Nokia  Message  Protector.  Now 

,  p  secured  communication  paths,  spam 

mat  we  have  sec  w  reMon  I  can 

protection  and  mtellige  v  the 

of  mv  bunker  and  get  to  n 
come  out  of  y  a,ready  mem0r.zed  all 

people  around  me  ^  finance 

the  names  of  tne  p  ite  c00l — 

Department,  and  some  o  sometime: 


Introducing  Nokia  Message  Protector. 


Nokia  has  created  a  complete  purpose-built  appliance 
that  integrates  innovative  security  technologies 
including  virus  protection  from  Trend  Micro™,  with 
unique  Nokia  filtering  software  —  known  as  statistical 
protection  —  to  deliver  new  levels  of  enterprise  email 
security.  Nokia  Message  Protector  deploys  in  minutes 
and  provides  secure,  automatic  updates  to  optimize 
email  system  integrity.  With  the  ability  to  process  up  to 
120,000  emails  per  hour,  and  the  intelligence  to  control 
the  content  that  enters,  flows  through  and  leaves  your 
network,  you  can  spend  more  time  doing  things  that 
matter  —  like  getting  to  know  your  colleagues! 

If  you’d  like  more  time  to  chat,  visit 
www.nokia.com/get_a_life/americas 
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Infrastructure 


So  profound  is  the  effect  of  technology 
on  our  lives  that  “Ethernet  at  30” 
jubilee  articles  have  even  shown  up  in 
the  mainstream  press.  And,  while  I  don’t 
find  myself  disagreeing  with  the  fundamen¬ 
tal  assertions  in  these  stories,  they  leave  out 
the  key  point  that,  compared  with  “Ethernet 
at  birth,”  today’s  Ethernet  really  isn’t  Ether¬ 
net  at  all.  (See  related  story  page  36.) 

We  need  to  first  know  where  Ethernet  “is,” 
relative  to  the  Open  Systems  Interconnec¬ 
tion  model.  When  formally  defined,  Ether¬ 
net  (like  FDDI  and  token  ring)  consists  of 
just  the  lower  two  layers  of  the  protocol 
stack.To  make  it  a  tad  more  confusing,  the 


Ethernet  at  30 

LAN  media  access  control  actually  maps 
into  Layer  1  and  the  bottom  half  of  Layer  2. 

Ethernet,  oversimplified,  is  a  frame  for¬ 
mat,  using  an  access  mechanism  over 
physical  cabling.  Looking  at  each  will  help 
you  understand  why  I  make  my  assertion 
that  today’s  Ethernet  isn’t  really  Ethernet. 

In  the  beginning,  Ethernet  was  all  about 
connecting  stations  via  physical  taps  into 
a  coaxial  network.  Even  before  the  more 
fundamental  move  up  to  Fast  Ethernet, 
that  part  of  the  specification  was  replaced 
with  the  more  familiar  lOBase-T  hub 
model.  And,  as  time  has  gone  by  the  so- 
called  Ethernet  PHY  has  been  revamped 
and  reinvented  time  and  again  as 
required. 

The  distributed,  multi-user  aspect  of 
Ethernet  was  probably  the  most  important 
attribute  —  especially  given  the  main¬ 
frame/hierarchical  model  that  was  preva¬ 
lent  at  the  time.  Ethernet’s  approach  was 


known  as  CSMA/CD  for  Carrier  Sense, 
Multiple  Access  with  Collision  Detection. 

It  worked  fine  in  lightly  loaded  environ¬ 
ments,  but  as  traffic  grew  so  did  collisions, 
and  effective  throughput  dropped.  This 
forced  many  companies  to  create  smaller 
and  smaller  groups  of  Ethernet.  It  also  gave 
FDDI  and  token  ring  a  chance  to  break 
into  the  marketplace. 

Both  of  these  LANs  used  a  deterministic, 
token-passing  scheme  and,  unlike  Ether¬ 
net,  could  be  driven  to  nearly  100%  utiliza¬ 
tion  without  degrading.  They  also  offered 
key  features  such  as  support  for  priority 
bits  and  larger  frame  sizes  —  elements 
Ethernet’s  architects  did  not  provide. 

So  Ethernet  “morphed”  as  its  frame  for¬ 
mat  was  upgraded  with  four  more  bytes  to 
provide  virtual  LAN  and  priority  functions 
(IEEE  802.  lp/Q).And  while  still  not  part  of 
the  standard,  Jumbo  Frames  of  9,000  bytes 
commonly  are  supported  on  today’s 
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Ethernet  gear. 

With  the  advent  of  switching,  Ethernet 
left  behind  the  most  fundamental  part  of 
its  heritage,  CSMA/CD.  A  switched  environ¬ 
ment  appears  to  each  user  as  a  dedicated 
LAN,  thus  no  carrier  sense,  no  multiple  ac¬ 
cess  and  need  for  collision  detection. 
Ethernet  is  no  longer  Ethernet.  (CSMA/CD 
was  included  in  the  Gigabit  Ethernet  stan¬ 
dard  though  rarely  implemented.  It  is  not 
included  in  the  10G  Ethernet  standard.) 

At  30,  Ethernet  retains  only  the  frame  for¬ 
mat  from  the  original  spec  —  and  even 
that  has  been  tinkered  with.  But  it  serves  us 
well,  and  having  one  topology  that  com¬ 
bines  the  best  of  others  is  far  better  than 
supporting  many. 

Tolly  is  president  of  The  Tolly  Group,  a  stra¬ 
tegic  consulting  and  independent  testing 
company  in  Manasquan,  N.J.  He  can  be 
reached  at  ktolly@tolly.com. 


VoIP 

continued  from  page  17 

Expanets  also  got  rid  of  the  old  Avaya  gear, 
which  some  datacom  VARs  reselling  Cisco 
VoIP  said  they  would  not  do,  he  says. 

CarrAmerica  eventually  replaced  its 
home-office  Avaya  switch  with  a  Cisco 
CallManager  and  rolled  out  400  IP  phones 
in  its  main  office  last  year.  The  company 
plans  to  consolidate  60  of  its  offices  nation¬ 
wide  onto  the  centralized  CallManager  and 
add  another  500  IP  phones  across  the 
country  this  year. 

“They  put  a  lot  of  time  and  effort  into  our 
project  because  they’re  a  good  company 
with  smart  people,”  Krell  says  of  Expanets 
and  Cisco.“But  I’m  sure  part  of  the  reason 
was  to  make  sure  it  worked  so  we  could 
be  a  reference.” 

New  waves  from  a  big  fish 

For  many  big  corporations,  the  old  way 
of  telecom/datacom  resellers  translated  to 
Nortel-Cisco  or  Avaya-Cisco.  Convergence 
has  shaken  up  this  model,  some  integra¬ 
tors  say,  and  equipment  vendors  are  react¬ 
ing  in  different  ways. 

“Cisco  providers  have  become  very 
responsive  to  RFPs  that  they  wouldn’t 


have  been  considered  for  in  the  past,” 
says  Mike  Olsen,  senior  vice  president  of 
sales  at  NextiraOne,a  provider  of  Alcatel, 
Cisco  and  Nortel  voice  and  data  gear 
and  services.  He  says  IP  telephony  is 
being  approached  in  two  ways:  gradual 
migration,  and  rip  and  replace.  Large 
companies  with  entrenched  PBX  sys¬ 
tems  such  as  Alcatel,  Avaya,  Nortel  or 
Siemens  often  are  opting  to  IP-enable 
those  systems.  Many  businesses  with  a 
patchwork  telecom  infrastructure  or 
companies  that  are  moving  to  new  loca¬ 
tions  are  considering  the  pure-IP 
approach  of  vendors  such  as  Cisco. 

In  the  fourth  quarter  of  2002,  Cisco  had 
44%  of  the  $191.7  million  in  VoIP  revenues 
in  North  America,  according  to  Synergy 
Research. Traditional  voice  leaders  lagged 
far  behind  in  the  market,  as  Avaya  (12% 
market  share)  and  Nortel  (8%)  came  in 
second  and  third,  respectively 

Teldata’s  Buck  says  the  fact  that  Cisco  is 
now  into  voice  has  been  a  huge  change  in 
the  channel. 

“Cisco  definitely  has  the  ears  of  the  IT 
departments,  and  they’re  making  a  lot  of 
headway  with  that  advantage,”  he  says.  “IT 
people  see  voice  as  just  one  more  thing  to 
run  across  their  data  networks.”  He  adds 


that  Cisco’s  jump  into  the  VoIP  market  also 
results  from  traditional-voice  gear  makers 
being  slow  to  react  to  the  VoIP  market. 

Versatile’s  Barker  says  his  company 
resells  Cisco  equipment  but  focuses  on 
HP  switches  and  Mitel  IP  telephony  gear. 
When  you  sell  only  Cisco  VoIP  and  switch¬ 
es, “it  might  be  you  and  100  other  resellers 
bidding  on  a  Cisco  project,  cutting  each 
other’s  throats,”  he  says. 

Choosing  the  right  partner 

From  whichever  path  companies  ap¬ 
proach  convergence,  choosing  the  right 
third-party  partner  will  be  important  for 
larger  companies,  one  integrator  says. 

“It  can  be  very  complex  and  expensive 
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wireless  gear  makes  her  hesitant  to  use  it 
as  well. 

For  John  Powers,  chief  administrative 
officer  for  IS  at  CareGroup  Healthcare  Sys¬ 
tem,  interoperability  is  a  requirement  for 
wireless  gear  he  installs  in  the  group’s 
hospitals,  which  include  Boston’s  Beth 
Israel  Deaconess  Medical  Center. 

Powers  said  he  hopes  for  interoperable 
authentication  and  encryption  schemes 
between  all  wireless  cards  and  all  wireless 
access  points  so  visiting  doctors  legiti¬ 
mately  and  safely  can  tap  into  hospital 
resources  using  their  own  machines. 
“Trying  to  accommodate  people  who 
work  in  two  wireless  environments  who 
have  their  own  [network  interface  cards] 
has  not  been  easyf  he  says. 

Meanwhile  Kavin  Moody  executive  direc¬ 
tor  of  the  Center  for  Information  Manage¬ 
ment  Studies  at  Babson  College  in  Welles¬ 
ley,  Mass.,  said  the  school  has  embraced 
wireless  for  students  and  accepted  that 
some  aspects  of  it  are  proprietary. The  tech¬ 
nology  has  become  an  accepted  tool  for 
the  school  because  the  benefits  outweigh 


to  re-create  your  voice  network  over  your 
data  network,”  says  Darren  Spohn,  CEO  of 
Spohn  &  Associates,  an  Austin,  Texas, 
reseller  of  Cisco  gear  and  AT&T  services. 
“And  no  offense  to  the  equipment  compa¬ 
nies,  but  it’s  not  as  easy  as  some  might 
make  it  out  to  be.” 

He  says  customers  can  expect  to  see  the 
telecom/datacom  integration  line  be¬ 
come  less  defined  as  convergence  gains 
more  momentum. 

“The  business  voice  market  is  a  very 
large  market,  and  capturing  it  is  a  big  busi¬ 
ness,”  Spohn  says.  “You’ll  see  a  lot  of 
nontraditional  voice  companies  trying 
harder  to  get  a  piece  of  it  as  the  market 
evolves.”  ■ 


the  risks.  But  he  said  ffe  understands  that 
other  businesses  need  technical  standards 
before  they  can  jump  onboard.”!  think  it’s  a 
very  industry-specific  thing,’ ’he  said. 

Risks  aside,  Pbwers  said  frequency  inter¬ 
ference  in  hospitals  also  is  a  concern 
because  802.1 1  uses  an  unlicensed  range 
that  can  bump  against  the  radio  frequen¬ 
cy  used  by  wireless  medical  telemetry 
equipment,  potentially  disrupting  the  LAN 
and  medical  gear.  “We  need  to  conserve 
air  space  within  our  buildings  and  make 
sure  people  don’t  introduce  interference,” 
he  said. “We’re  looking  for  detection  tools 
for  radio  interference.” 

With  sites  in  Boston,  he  expects  the  hos¬ 
pitals  to  face  interference  from  wireless 
equipment  in  neighboring  buildings  as 
well.  “My  concern  is  that  as  hot  spots 
increase,  2.4GHz  for  medical  telemetry, 
microwaves,  [radio  frequency  identifica¬ 
tion],  we  will  get  an  increase  in  frequency 
interference,”  Pbwers  said. 

Money  for  wireless  purchases  is  part  of 
CareGroup’s  2004  budget  and  includes 
funds  for  a  way  to  track  down  rogue  access 
points.  Powers  said  he’s  not  necessarily 
opposed  to  these  access  points  as  long  as 
they  are  properly  secured.  ■ 


VoIP  channel  challenges 

Value-added  resellers  of  LAN,  IP  telephony  and  traditional  phone  gear 
are  changing  how  some  IT  providers  operate.  Some  tips  for  picking  the 
right  reseller  to  install  your  converged  network. 

•  Find  out  how  long  a  company  has  installed  IP  telephony  equipment,  and  what 
vendor  certification  level  the  integrators  and  support  staff  have. 

•  If  integrating  IP  telephony  into  a  multi-vendor  datacom  and  PBX  infrastructure, 
find  a  partner  with  a  strong  background  in  telecom  in  addition  to  IP  and  LAN/ 

WAN  expertise. 

•  For  green-field  installations  where  all  new  voice  and  data  gear  is  going  in  (such 
as  a  newly  built  office),  it  could  be  easier  to  deal  with  smaller  resellers  that  have 
a  single-vendor  LAN/IP  telephony  offering. 
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No  Wi-Fi?  You're  Covered 


Enterprise  mobility  applications  based  on  3G  CDMA  wireless  networks  are  revolutionizing  business  in  ways  that  Wi-Fi  can't. 
Offering  ubiquitous  coverage  and  speeds  better  than  landline  dial-up,  you'll  have  instant  access  to  your  office,  even  if  you 
aren't  a^a  location  that  offers  Wi-Fi.  That  translates  into  more  time  each  day  that  you're  operating  at  peak  efficiency.  Best  of 
all,  you  won't  be  limited  by  Wi-Fi  "hot  spot"  availability.  Remember,  not  all  wireless  technologies  are  created  equal.  To  find 
out  what  the  differences  are,  ask  your  wireless  provider  whether  they  offer  true  nationwide  3G  services. 


UALCOMM 


www.qualcomm.com/ enterprise? 


32003  QUALCOMM  Incorporated.  All  rights  reserved 


23 


6/23/03 


NetworkWorld 
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■  E-COMMERCE  ■  SECURITY 

■  MIDDLEWARE  ■  DIRECTORIES 

■  NETWORK  AND  SYSTEMS  MANAGEMENT 

■  WEB  SERVICES 


■  Fortinet  IS  adding  intrusion-preven¬ 
tion  software  to  its  multi-function 


security  platform,  letting  customers 
block  a  range  of  threats  or  suspected 
attacks.  Version  2.5  of  its  FortiOS 
software  for  FortiGate  appliances  also 
upgrades  its  virus  scanning  intrusion 
detection,  firewall  and  VPN  capabili¬ 
ties.  The  package  is  configured  to 
block  more  than  30  known  attacks 
such  as  denial  of  service  and  distrib¬ 
uted  DoS,  SYN  floods  and  other  pro¬ 
tocol  floods,  buffer  overflows,  ping  of 
death  and  port  scanning.  The  soft¬ 
ware  uses  many  means  to  block 
attacks,  including  dropping  suspicious 
packets,  resetting  connections  and 
blocking  source  addresses.  The  com¬ 
pany  also  has  added  the  ability  to 
scan  FTP  files  for  viruses.  Before,  its 
anti-virus  software  could  scan  only 
POP3,  Simple  Mail  Transfer  Protocol, 
Internet  Message  Access  Protocol 
and  HTTP  traffic.  It  can  scan  e-mails 
and  filters  based  on  different  parame¬ 
ters  such  as  sender,  black  lists  and 
white  lists  and  words  and  phrases  in 
the  body  of  the  message.  It  also  now 
can  scan  LZH  compressed  traffic  and 
HTTP  traffic  that  enters  via  firewall 
ports  other  than  Port  80.  Customers 
can  set  aside  up  to  15%  of  the  mem¬ 
ory  on  FortiGate  gear  to  quarantine 
suspicious  files  until  they  can  be 
examined.  FortiOS  2.5  is  available  this 
month  on  new  equipment  and  is  avail¬ 
able  free  as  part  of  service  contracts 
for  existing  customers. 

■  Computer  Associates  this  fail 
plans  to  ship  security  and  policy- 
enforcement  software  to  fight  viruses 
and  spam,  filter  Web  content  in  accor¬ 
dance  with  corporate  use  policies, 
and  block  peer-to-peer  file  sharing. 
CA's  eTrust  Secure  Content  Man¬ 
agement  marks  the  first  time  CA 
has  sought  to  integrate  security  for 
the  Web,  e-mail  and  file  transfers  into 
one  software  package.  The  software 
will  run  on  Windows  platforms  and  will 
include  CA's  desktop  anti-virus  prod¬ 
uct.  ETrust  Secure  Content  Manage¬ 
ment  will  cost  $55  per  seat,  but  that  is 
cut  in  half  for  users  of  CA’s  anti-virus 
products  who  want  to  upgrade. 


IBM  users  take  on  integration 

IT  executives  discuss  pros,  cons  of  committing  to  business  application  integration. 


■  BY  DENISE  DUBIE  AND 
MICHAEL  COONEY 

NEW  YORK  —  When  faced  three  years 
ago  with  a  $100  million  forklift  upgrade  of 
his  infrastructure,  Mike  Sutten  realized  he 
needed  to  find  another  way  to  integrate 
data  and  business  processes  across  25 
floating  business  units  —  his  company’s 
cruise  ships. 

Sutten,  vice  president  of  IT  development 
at  Royal  Caribbean  and  Celebrity  Cruises, 
said  he  needed  to  build  a  system  that 
would  let  25  cruise  ships  connected  with 
an  existing  satellite-based  WAN  share  infor¬ 
mation  and  support  a  variety  of  applica¬ 
tions  —  in  hopes  of  garnering  more  rev¬ 
enue.  When  he  learned  that  about  $33  mil¬ 
lion  of  that  $100  million  project  price 
would  go  toward  developing  interfaces 
that  would  integrate  the  ship’s  myriad 
applications,  Sutten  decided  to  look  for  a 
better  way 

“The  violent  transformation  we  originally 
had  in  mind  was  just  not  feasible,"  he  said. 

Sutten  recently  spoke  at  IBM’s  Integration 
Day  event,  a  gathering  of  IBM  partners, 
executives,  customers  and  press,  to  talk 
about  application-integration  issues.  IBM 
also  used  the  forum  to  announce  new 
application  adapters  and  security  features 


for  its  WebSphere  product  line. 

In  Sutten’s  case,  his  company  picked  IBM 
WebSphere  Business  Integration  Server  to 
develop  standard  processes,  integrate 
applications  and  build  interfaces  between 
the  company’s  own  applications  and  those 
of  suppliers  and  partners.  WebSphere 
Business  Integration  Server  software  sits 
between  applications  and  lets  them  com¬ 
municate  with  each  other,  without  requir¬ 
ing  customers  to  write  specific  interfaces 
for  each  application.  IBM  also  develops 
adapters  specific  to  popular  applications, 
such  as  SAP  and  Siebel  Systems. 

The  goal  of  Royal  Caribbean’s  five-  to 
seven-year  plan  is  to  develop  a  platform  to 
which  applications  can  connect  and  share 
data  —  which  Sutten  says  is  a  step  toward 
Web  services  for  his  organization. 

Sutten  and  his  team  have  built  an  inter¬ 
face  to  his  dining  room  management 
application.  He  plans  to  build  an  integra¬ 
tion  interface  for  the  food  and  beverage 
applications,  and  the  cruise  lines  account¬ 
ing  and  supply-chain  systems  —  all  of 
which  come  from  different  vendors. 

Ideally,  Sutten  says,  he  would  like  to  see 
suppliers  and  partners  open  up  their  appli¬ 
cations  via  APIs  to  integrate  with  Royal 
Caribbean  to  enable  more  efficient  credit 
card  processing.  The  new  system  would 


Cutting  glass 


Safelite  Glass  hopes  to  reduce  application  integration  development  time 
by  up  to  80%  by  eliminating  redundant  systems  and  simplifying  interface 
requirements. 
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interfaces  to  integrate 
data  and  applications 
with  its  112  partners  and 
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charge  guests  fewer  times  and  reuse  the 
guest  data  across  applications,  rather  than 
processing  it  in  multiple  instances. 

Dan  Vaught,  manager  of  enterprise  archi¬ 
tecture  and  integration  at  Safelite  Glass, 
spoke  of  how  he  needed  to  integrate  data 
stored  mostly  on  mainframes  with  distrib¬ 
uted  server  systems,  and  partner  and  sup¬ 
plier  applications. 

By  using  WebSphere  Business  Integration 
Server,  Safelite  will  move  to  fewer,  more 
common  systems  that  will  share  a  data 
model  and  let  the  company  reuse  applica¬ 
tion  technology,  rather  than  building  new 
interfaces  among  applications  from 
scratch.Vaught  would  not  comment  on  the 
ROI  he  expects  to  achieve  by  deploying 
WebSphere,  but  he  says  using  the  software 
will  let  him  build  interfaces  between  appli¬ 
cations  in  20%  of  the  time  it  normally 
would  take. 

“My  managers  wanted  to  know  that  we 
would  put  a  system  in  place  that  10  years 
from  now  would  be  able  to  react  to 
changes, ’’Vaught  said. 

While  Vaught  is  in  the  process  of  integra¬ 
tion,  and  Sutten  has  just  begun,  they  agree 
that  business  process  and  data  integration 
projects  are  not  without  challenges. 

“You  have  to  be  sure  you  are  delivering 
some  sort  of  value  along  the  way  and  that 
you  continue  to  meet  business  needs,”  Sut¬ 
ten  said. 

He  added  that  management  needs  to 
know  that  the  initial  transformation  to  a 
shared  data  and  process  integration  system 
has  an  end  date,  even  though  additional 
integration  and  interfaces  can  be  added 
indefinitely 
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MCI. 


Introducing  MCI  Advantagef  the  world’s  first  truly  converged  voice  and 
data  service.  It  gives  your  company  local  and  long  distance  calling  with 
Internet  services  on  one  global  IP  network.  Plus  easy  online  account 
management,  voicemail  control  features,  and  pay-as-you-go  flexibility 
with  a  minimal  upfront  investment.  In  other  words,  it’s  what  every  CEO  and 
CIO  wants  To  get  your  MCI  Advantage  now,  call  1  888  886  3844 
or  go  to  www.mci.com/go/proof 


Local  service  not  available  in  all  areas. 
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Security  appliance  adds  P-to-P  controls 


■  BY  ELLEN  MESSMER 

TippingPbint  Technologies  has 
announced  an  intrusion-preven¬ 
tion  appliance  that  the  company 
says  can  block  a  half-dozen  peer- 
to-peer  applications,  including 
BearShare,  Gnutella,  iMesh,  Ka- 
zaa,  Limewire  and  WinMX. 

TippingFbint’s  UnityOne  200  is 
a  gateway  appliance  that 
supports  200M  bit/sec  traffic 


throughput  at  the  gateway.  As 
an  intrusion-prevention  system 
(IPS),  it  monitors  real-time  traffic 
much  like  TippingPoint’s  higher- 
end  models  —  the  UnityOne 
1200,  2400  and  2000  —  that 
reach  gigabit  speeds. 

The  UnityOne  200,  aimed  at 
small-  or  remote-office  use,  is 
the  first  appliance  in  the 
TippingPoint  line  to  monitor  for 
peer-to-peer  file  sharing.  Several 


Stalker  server  gets 
groupware  features 

■  BY  JOHN  FONTANA 

Corporate  users  searching  for  low-cost  alternatives  to  the  major 
e-mail  platforms  can  look  at  new  groupware  features  this  week  in 
Stalker  Softwares  CommuniGate  Pro. 

The  company  is  set  to  release  Version  4.1  of  its  e-mail  server,  which 
adds  calendars,  group  scheduling,  contacts  and  a  multi-language 
spellchecker  to  its  list  of  features  supported  in  a  browser  interface. 
The  CommuniGate  server  also  supports  the  full  groupware  interface 
of  Microsoft’s  Outlook  client. 

“We  already  have  the  Web  mail,  and  now  we  are  beefing  up  the 
interface  to  make  it  a  groupware  client,” says  Joanne  Menapace,  prod¬ 
uct  marketing  manager  for  Stalker. 

Stalker  and  other  vendors,  such  as  Gordano,  Ipswitch,  Mirapoint, 
Rockliffe  Systems  and  Sendmail,  offer  low-cost  alternatives  to 
IBM/Lotus  Domino  and  Microsoft  Exchange,  which  both  are  begin¬ 
ning  major  revamps  of  their  platforms.  IBM/Lotus  is  covering  both  its 
bases  with  last  month’s  release  of  Workplace  Messaging,  a  low-cost 
e-mail  engine  that  runs  on  WebSphere  and  the  DB2  database. 

“Web  browser  access  means  everybody  can  have  e-mail,”  says  Tim 
Sloane,  an  analyst  with  Aberdeen  Group.  “It’s  a  fast  way  to  reduce 
costs  and  achieve  ubiquity? 

Sloane  says  Stalker’s  addition  of  a  more  feature-rich  Web  interface 
is  necessary,  but  that  Web-based  e-mail  lacks  certain  features  such  as 
disconnected  mode,  which  lets  users  work  on  e-mail  while  offline. 
Also,  he  asks,  “with  a  Web  interface,  how  do  you  begin  to  integrate 
other  features  like  presence  or  voice  over  IP  when  you  talk  about  col¬ 
laboration?” 

Collaboration  is  a  major  topic  these  days,  especially  the  ability  to 
break  collaboration  features  into  components  that  can  be  integrated 
with  other  applications. 

But  Stalker  is  not  focusing  on  that  trend. 

“We  will  continue  with  our  model  in  that  what  we  add  to 
CommuniGate  will  be  on  the  server.  We  are  not  working  on  the  com¬ 
ponent  model,”  says  Ali  Liptrot,  marketing  director  for  Stalker. 

The  company's  aim  now  is  to  entice  Microsoft  Exchange  users  to 
make  a  switch,  especially  those  on  Version  5.5,  who  must  deploy 
Active  Directory  before  they  can  upgrade  to  either  Exchange  2000  or 
2003,  which  will  ship  this  fall. 

Stalker  plans  to  offer  Exchange  migration  tools  before  the  end  of 
August,  according  to  company  officials.  The  company  also  will  dis¬ 
count  its  Mail  API  (MAPI)  Connector  to  support  Exchange  migrations 
and  continue  to  support  multiple  platforms.  CommuniGate  Pro  runs 
on  30  platforms,  including  many  varieties  of  Unix,  Linux,  Macintosh 
and  Windows. 

CommuniGate  is  priced  at  $499  for  50  Web-based  users.  The  MAPI 
connector,  which  allows  25  MAPl-client  connections  to  the  server, 
costs  $1,200.  ■ 


vendors,  including  Akonix  and 
WebSense,  offer  content-filtering 
products  to  block  peer-to-peer 
applications  at  the  gateway  as 
concern  grows  about  peer-to- 
peer  as  a  bandwidth  hog  and 
possible  source  of  copyright 
violations. 

“Copyright  infringement  is  a 
concern  with  the  uploading  or 
downloading  of  video  and 
music  files,”  says  Mike  Phillips, 
CIO  at  Texas  Tech  University 


Health  Sciences  Center  medical 
school  in  Lubbock,  which  has 
been  beta-testing  the  UnityOne 
200.  “People  in  their  20s  some¬ 
times  don’t  appreciate  the  mag¬ 
nitude  of  what  they’re  doing  and 
that  there  may  be  serious  conse¬ 
quences  to  using  [peer-to-peer] 
applications.” 

Peer-to-peer  can  be  especially 
hard  to  trace  because  the  peer- 
to-peer  applications  often  have 
been  designed  to  be  elusive, 
using  techniques  such  as  port¬ 
hopping  to  try  to  fool  intrusion- 
detection  systems  and  content¬ 


filtering  devices.  In  addition,  new 
peer-to-peer  applications  appear 
continuously  and  old  applica¬ 
tions  change. 

Phillips  says  he  knows  that  the 
appliance  might  not  catch  every 
peer-to-peer  application  on  the 
Internet.  He  says  the  Tipping- 
Point  appliance  blocks  about  six 
of  them. 

“These  services  are  constantly 
morphing,  so  trying  to  stop  100% 
of  the  traffic  may  be  naive  and 


overly  optimistic,”  he  says. 

Texas  University  Health  Sci¬ 
ences  also  uses  the  UnityOne 
200,  which  costs  about  $25,000, 
to  block  attack  traffic  from  the 
Internet. TippingPoint  says  it  also 
is  adding  the  peer-to-peer  block¬ 
ing  to  its  other  higher-speed  IPS 
appliances. 

Meanwhile  another  intrusion- 
prevention  security  appliance 
vendor,  NetContinuum,  has 
announced  it  will  enhance  its 
Web  Security  Gateway  line  of 
100M  bit/sec  and  gigabit-speed 
appliances. 


The  Web  Security  Gateway 
appliances  cost  from  $38,000  to 
$52,000.  They  are  used  to  hide 
details  about  Web  servers  and 
applications  through  a  “Web  site 
cloaking”  method,  and  stopping 
attacks  through  anomaly  detec¬ 
tion  and  application  profiling  to 
block  an  attempt  to  manipulate 
a  server  in  an  unexpected  way. 

Until  now,  each  Web  Security 
Gateway  appliance  —  which  typ¬ 
ically  is  deployed  behind  the 
firewall  —  had  to  be  managed 
by  a  separate  console.  The  new 
management  console  can  pro¬ 
vide  a  view  of  multiple  Web 
Security  gateways  across  the 
enterprise,  according  to  NetCon- 
tinuum’s  Vice  President  of  Mar¬ 
keting  Wes  Wesson. 

The  appliance  can  also  push 
out  policies  to  every  Web 
Security  Gateway,  or  configure 
each  Web  Security  Gateway  to 
support  multiple  policies  — 
such  as  one  of  internal  employ¬ 
ees  and  the  other  for  business 
partners,  according  to  Wesson. 

NetContinuum  also  has  added 
a  feature  to  its  Web  Security 
Gateways  that  will  let  adminis¬ 
trators  set  up  virtual  LANs  on  a 
per-application  basis  to  force 
internal  traffic  back  through  the 
gateway  for  inspection. This  fea¬ 
ture  is  intended  to  quickly 
detect  and  stop  worm  infections 
that  break  out  inside  the  net¬ 
work  on  the  corporate  LAN, 
Wesson  says.  ■ 


TippingPoint’s  UnityOne  200  can 

monitor  peer-to-peer  file-sharing  activities. 


Low-cost  Sun  bundles  target 
financial  services  industry 


■  BY  REBECCA  REID 

Sun  has  teamed  with  two  software  companies  to 
offer  financial-information  exchange  bundles  for  the 
financial  services  community 

The  company  worked  with  B2Bits  and  Financial 
Fusion  to  create  the  FIX  products,  which  Sun  says  are 
relatively  inexpensive. 

FIX  is  a  messaging  protocol  based  on  XML  that  was 
developed  for  the  financial  industry  so  users  could 
conduct  securities  transactions  in  real  time.  It  is 
commonly  deployed  in  large  securities  firms  that 
conduct  trades,  called  “sellers”, such  as  Merrill  Lynch 
and  The  Goldman  Sachs  Group.  But  buyers  have  not 
adopted  it  as  much,  says  David  Littlewood,  director 
of  financial  services  for  Sun. 

Sun  will  pre-install  B2Bits’  FIXEdge  or  Financial 
Fusion’s  GlobalFix  Lite  on  its  Sun  Fire  LX50  server, 
running  Red  Hat  Linux  on  an  Intel  Pentium  III 


processor.  Users  also  can  buy  the  software  pre-con- 
figured  to  run  on  Sun’s  Solaris  x86  Platform  Edition, 
the  company  says. 

B2Bits  and  Financial  Fusion  are  competitors  in  the 
FIX  market. 

“They  compete  openly,  but  for  the  purposes  of  this 
they’ve  actually  both  worked  with  us  to  provide  a 
solution,  and  the  price  for  both  is  the  same," 
Littlewood  says. 

In  the  near  future,  Sun  also  plans  to  offer  the  two 
software  packages  on  its  Sun  Fire  v60x  and  Sun  Fire 
v65x  servers,  with  either  Red  Hat  Linux  or  the  Solaris 
x86  Platform  Edition. 

The  financial-information  bundles  cost  $2,500  per 
month  for  a  three-year  lease  regardless  of  configura¬ 
tion,  Sun  says. 

Reid  is  a  correspondent  with  the  IDG  News 
Service  s  Toronto  bureau. 
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Dynamic  Threat  Protection.  The  most  complete  protection  available. 

Most  large-scale  Internet  attacks  completely  bypass  firewalls  and  anti-virus.  We  stop  these 
threats  cold.  How?  Simple.  We  are  #1  in  the  world  for  security  intelligence  and  threat  protection 
technology.  We  deliver  the  fastest,  most  accurate  detection,  prevention  and  response  solution. 
We  call  it  Dynamic  Threat  Protection.  Visit  us  at  www.iss.net/iss-nww  or  call  800-776-2362. 
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IBM  TotalStorage 


i  ■  y.tge  Virtuaiwion  Fan  u»y  consstsol  the  SAN  Integration  Server  and  the  SAN  \tokjme  Controller  IBM,  the  IBM  logo  and  TotalStorage  are  trademarks  of  International 
;  Machines  Corporation  Otfier  company  product  and  service  names  may  be  trademarks  or  service  marks  of  ottiers.  i©  2003  IBM  Corporation  AH  rights  reserved. 


Manages  storage  resources  to  meet  changing  demand.  On  demand. 


The  human  body  has  an  amazing  capacity  to  adapt  to  shifting 
demands.  So  do  IBM  TotalStorage  products. The  IBM  TotalStorage 
Virtualization  Family  manages  your  individual  storage  resources 
as  one  common  virtual  pool.  It  can  then  allocate  storage  to  your 
servers,  helping  to  improve  availability  and  utilization.  On  demand. 
Helping  to  lower  your  costs. 

TotalStorage:  storage  for  on  demand  business. 

Can  you  see  it?  See  it  at  ibm.com/totalstorage/ondemand 
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Enterprise  Applications 


Reading  into  the 

Another  year  has  gone  by,  and  the  FCC 
has  issued  its  annual,  almost-useful 
report  on  the  state  of  high-speed  Inter¬ 
net  access  deployment  in  the  U.S.  Some  of 
the  statisticians  I  used  to  work  with  would 


FCC’s  ’Net  access 

love  this  data  because  it  is  so  easy  to  twist 
to  support  almost  any  view,  optimistic  or 
pessimistic, about  the  future  of  the  Internet. 

Some  of  the  news  coverage  of  this  report 
(www.nwfusion.com,  DocFinder:  6432) 


Turn  to  us  for  your  Connectivity  Unlimited ™  needs 
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With  the  newest  Airbus  fleet  in  the  industry  and  a  number  of  first  and  onlys,  including  leather 
seats  and  DIRECTV™  programming,  it's  no  wonder  JetBlue  Airways  has  taken  off  so  quickly 
ahead  of  the  major  airlines.  ♦  When  they  needed  to  connect  their  LAN  to  a  new  building 
without  any  access  to  fiber,  JetBlue  made  another  leap  and  deployed  Free  Space  Optics 
connectivity  from  MRV.  ♦  World-class  companies  like  JetBlue  keep  their  networks  flying  by 
choosing  MRV  for  unlimited  connectivity  options.  Since  1988,  we  have  provided  connectivity 
solutions  for  networks  that  scale  in  size,  speed,  distance  and  complexity.  In  fact,  some  of  the 
world's  largest  networks  rely  on  our  switches,  routers,  optical  transport  systems  and  remote 
presence  equipment.  Our  connectivity  solutions  are  preferred  by  Fortune  500  companies. 


mrv.com/jetblue 


JetBlue  connects  people  to  their  destinations. 
MRV  keeps  JetBlue  connected  to  its  networks. 


The  names  of  actual  companies  and  logos  mentioned  herein  may  be  trademarks  of  their  respective  owners. 
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called  it  an  FCC  report  on  the  “status  of 
broadband  access,”  but  the  FCC  is  careful 
not  to  use  the  term  “broadband.” 

Maybe  this  is  because  the  agency  has  de¬ 
fined  “high-speed”  to  be  200K  bit/sec  in  at 
least  one  direction,  which  is  quite  a  bit  less 
than  most  assumptions  about  what  is 
meant  by  the  term  “broadband.”  The  FCC 
also  defines  a  second  term, “advanced  ser¬ 
vices,”  as  at  least  200K  bit/sec  in  both  direc¬ 
tions,  which  also  is  slower  than  what  I 
would  call  “broadband.” 

At  least  one  news  story  was  headlined 
“High-speed  ’Net  growth  slowing.”  It 
focused  on  the  fact  that  the  growth  rate  of 
subscribers  to  high-speed  Internet  access 
was  “only”  23%  in  the  second  half  of  2002, 
while  it  had  been  27%  during  the  first  half 
(never  mind  that  an  additional  1 .3  million 
people  subscribed  in  the  second  half, com¬ 
pared  with  1.1  million  in  the  first  half). The 
rate  of  the  increase  in  growth  slowed  some 
what  but  the  growth  rate  was  still  quite 
impressive. 

The  FCC  uses  an  easy-to-get  —  and  mis¬ 
use  —  measure  of  the  availability  of  high¬ 
speed  services.The  agency  checks  to  see  in 
what  ZIP  codes  someone  is  getting  high¬ 
speed  Internet  services.The  current  report 
says  that  someone  is  receiving  high-speed 
service  in  88%  of  the  ZIP  codes  in  the  U.S. 
and  that  99%  of  the  U.S.  population  lives  in 
these  ZIP  codes.  But  using  the  provision  of 
high-speed  service  to  at  least  one  sub¬ 
scriber  in  a  ZIP  code  as  a  measure  of  the 
overall  availability  presents, at  best,  an  opti¬ 
mistic  view  of  the  real  world.  It  would  be 
far  more  representative  to  have  some  mini¬ 
mum  threshold  of  actual  subscribers  per 
ZIP  code. 

What  that  threshold  should  be  cannot  be 
guessed  at  from  this  data  because  there  is 
no  information  on  what  percent  of  house¬ 
holds  (or  small  businesses)  receive  service 
in  each  ZIP  code. 

1  expect  the  FCC  actually  has  this  infor¬ 
mation  but  feels  it  can  not  provide  the  data 
because  it  would  give  away  too  much  in¬ 
formation  about  individual  providers.  (If 
you  look  at  the  tables  the  FCC  provides, you 
will  see  that  it  already  blocks  a  lot  of  data 
for  this  reason.) 

Another  easy-tomisuse  factor  in  the  data 
is  that  the  commission  looks  at  the  speed 
of  the  “last  few  feet"  (as  the  report  puts  it) 
when  determining  if  a  service  is  high¬ 
speed.  But  it  does  not  include  any  measure 
of  actual  available  bandwidth  —  with  the 
level  of  oversubscription  that  occurs  in 
DSL  and  cable  modem  access  networks, 
the  final  link  speed  can  be  meaningless. 

All  in  all,  it  is  better  that  the  FCC  provide 
these  stats,  even  if  it  would  be  better  if  the 
agency  provided  more  real  information. 

Disclaimer:  Harvard  has  a  department 
dedicated  to  the  use  —  or  misuse  —  of 
stats  like  this,  but  I  did  not  ask  it  for  help  in 
the  above. 

Bradner  is  a  consultant  with  Harvard 
University’s  University  Information  Systems. 
He  can  be  reached  at  sob@sobco.com. 
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Powered  Network 


iPass  weaves  together  leading  networks  around  the  world,  so  you  can  connect  where  and 
when  you  want.  The  iPass®  Corporate  Access  service  gives  you  wireless,  broadband  and  dial¬ 
up  access  from  over  200  enterprise-ready  providers — delivered  with  secure  authentication, 
centralized  billing  and  management,  and  a  reliable,  consistent  connection  experience.  Try  to 

restrain  yourself.  Learn  how  to  integrate  Wi-Fi  simply,  safely  and  affordably.  View  the 
“Add  Wireless  to  Your  World”  demo  at  www.ipass.com/wireless59 


m 

IPass 


YOU  NEED  TO  GET  MORE  OUT  OF  THE  BOX 

YOU’VE  ALREADY  GOT. 
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You’ve  got  to  increase  capacity.  Boost  revenue.  Migrate  to  IP. 

And  do  it  all  over  your  existing  network.  At  lower  cost. 

No  one  leverages  your  network  investment  like  Lucent.  We  can  help  you: 

✓  Transform  your  circuit-switched  network  to  enable  new  services  such  as  IP  Centrex 
and  hosted  call  centers,  with  our  new  5E-XC’"  software. 

✓  Bring  Ethernet,  wavelength  and  storage  services  to  your  existing  SONET/SDH  network. 

✓  Leverage  your  current  Frame  Relay  and  ATM  networks  to  deliver  IP  Services 
such  as  VPN  and  managed  bandwidth. 

With  Lucent’s  Navis *  iOperations  software,  you  can  generate  revenue  from  new  services  without 
additional  OS  investment.  And  the  networking  experts  of  Lucent  Worldwide  Services  can  get  it 
all  working  for  you  fast.  Learn  how  at  www.lucent.com. 

Networks  that  work  smarter.  Networks  that  work  harder.™ 
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Bell  Labs  Innovations 


Free  subscription 
(51  Issues) 


To  apply  online  go  to 

subscribenw.com/b03 
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Apply  for  your  own 
Free  subscription  today. 
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New  Edge  touts  low-cost  frame  over  DSL 


■  BY  DENISE  PAPPALARDO 

New  Edge  Networks  last  week  an¬ 
nounced  a  national  Frame  Relay  over  DSL 
service  that  the  company  says  will  deliver 
big  cost  savings. 

The  little-known  service  provider  is  team¬ 
ing  with  Covad  Communications  to  pro¬ 
vide  the  service. 

New  Edge’s  Frame  Relay  over  DSL  service 
offers  the  benefit  of  a  reliable  data  service 
at  a  lower  rate  than  traditional  frame,  the 
company  says. 

“Frame  Relay  over  DSL  is  about  half  the 
price  of  standard  frame  service,”  says  Dan 
Moffat,  president  and  CEO  of  New  Edge.  “It 
lowers  the  average  cost  per  location  as 
much  as  50%  to  75%.” 

Frame  relay  might  be  mature  “but  there 
are  new  ways  of  delivering  the  service  with 
significant  cost  savings,”  he  says. 

The  service  will  let  smaller  companies 


that  need  only  fractional  T-l  bandwidth 
subscribe  to  frame  relay  As  sub-T-1  frame 
relay  rates  have  increased  over  the  past  12 
to  24  months,  Frame  over  DSL  also  might 
be  attractive  to  large  businesses  that  have 
offices  with  low  bandwidth  requirements. 

“There  haven’t  been  as  many  reliable 
[data]  solutions  for  small  and  medium-size 
businesses,” says  Rod  Woodward,  an  analyst 
at  Frost  &  Sullivan.“New  Edge  is  expanding 
its  footprint  and  offering  small  businesses  a 
proven  technology  that’s  affordable.” 

The  service  provider  is  not  the  first  to 
offer  frame  relay  over  DSL,  and  it  supports 
some  of  the  largest  carriers’  frame  over  DSL 
offerings,  including  those  of  AT&T,  MCI  and 
SBC.  But  until  now,  New  Edge  has  not 
offered  this  service  to  business  users. 

New  Edge  has  built  its  network  through 
acquisitions  since  it  launched  in  1999. 

Last  year  the  service  provider  acquired 
business  customers  from  @Work  Networks, 


the  business  services  division  of  @Home, 
and  in  October  acquired  more  than  1,000 
Cable  &  Wireless  data  customers.  New 
Edge  made  the  deal  after  C&W  announced 
it  would  serve  only  U.S.  customers  that 
have  multinational  service  needs.  Now  that 
the  international  carrier  is  leaving  the  U.S. 
market  completely  New  Edge  says  it  is  in 
talks  to  acquire  additional  customers. 

Although  New  Edge  has  acquired  a  large 
number  of  users  from  national  providers,  it 
focuses  on  offering  data  services  to  busi¬ 
ness  users  and  other  carriers  in  second-tier 
and  third-tier  markets.  This  is  why  the  car¬ 
rier  is  teaming  with  Covad  to  support  its 
Frame  Relay  over  DSL  offer,  which  provides 
DSL  services  mainly  in  large  U.S.  cities. 

New  Edge  calls  this  a  national  service, 
although  it  reaches  about  75%  of  the  U.S. 
But  New  Edge  also  offers  traditional  frame 
relay  services  and  can  reach  most  areas 
where  DSL  is  not  available.  ■ 


New  Edge  alternative 

How  Frame  Relay  over  DSL  measures 
up  against  traditional  frame  in  one 
hypothetical  net  (384K  bit/sec  port 
with  committed  information  rate  of 
192K  bit/sec** ). 


City 

Traditional 

frame/month 

FRoDSL/ 

month 

Green  Bay,  Wis. 

$840 

$328 

Atlanta 

$764 

$328 

Bethesda,  Md. 

$704 

$328 

Dallas 

$701 

$328 

Tucson,  Ariz. 

$640 

$328 

Total  monthly 
cost 

$3,649 

$1,640 

’  Based  on  ILEC  tariffs  filed  with  the  FCC. 
"Based  on  list  prices  for  a  12-month  contract. 


Vonage  tailors  VoIP  for  small  firms 

Flat-fee  dialing  includes  local,  long-distance  calls. 


Area-code  spoofing 


Vonage  can  give  businesses  local  phone  numbers  in  any  city  that  all 
call  back  to  a  single  headquarters,  substituting  for  more  expensive 
toll-free-number  services. 


Caller  in  San  Francisco 


'S 


(415)  xxx-xxxx  1 


O  Customer  in  San  Francisco  dials 
Acme  Business’  local  415  phone 
number  issued  by  Vonage. 


Vonage 
point  of 
presence 


Acme  Business 
headquarters  in  Boston 


193.255. . . 


©  Vonage  gateway  to  the  public 
phone  network  translates  the 
number  to  an  IP  address. 


0  Vonage  routes  the  call  over 
the  Internet  to  Acme  head- 
quartes  in  Boston  for  a  flat  fee. 


■  SBC  recently  unveiled  managed 
Wi-Fi  services  for  schools  and 
hospitals  to  let  those  institutions 
converge  voice  and  data  traffic  onto 
one  wireless  network.  The  new  ser¬ 
vices  support  wireless  phones  and 
wireless  data  connectivity  on  a  single 
network  in  the  13  states  that  SBC  ser¬ 
vices.  Previously,  SBC’s  wireless  data 
and  voice  offerings  were  provisioned 
from  two  separate  networks. 

■  Verizon  recently  announced  a  ser¬ 
vice  that  lets  small  and  midsize  busi¬ 
nesses  consolidate  data,  Internet, 
local  and  long-distance  services  on 
one  circuit.  The  carrier’s  Integrated 
Access  offering  divides  a  T-1’s  24 
channels  among  voice  and  data  traf¬ 
fic.  The  T-1  can  be  customized  de¬ 
pending  on  requirements,  and  then 
businesses  can  reallocate  channels 
as  their  voice  and  data  needs  change, 
Verizon  says.  Until  now,T-1s  had  been 
cost-effective  only  for  large  business¬ 
es,  Verizon  says.  But  with  Integrated 
Access,  Verizon  offers  discounts, 
rebates  and  fee  waivers. 


■  BY  TIM  GREENE 

Vonage, a  flat-fee  IP  phone  carrier  that  has 
made  a  lot  of  noise  serving  residential  cus¬ 
tomers,  now  is  rolling  out  bargain  bundles 
of  services  for  small  businesses. 

Customer  sites  with  broadband  Internet 
connections  can  get  Small  Business  Basic 
service  with  a  1 ,500-minute-per-month  call¬ 
ing  plan  in  the  U.S.  and  Canada  for  $39.95, 
or  Small  Business  Unlimited  plan  for 
$49.95.  A  one-line  service  comes  with  call 
waiting,  cal!  forwarding,  call  transfer,  voice 
mail,  redial, caller  lD,caller-ID  blocking  and 
a  fax  line.  Additional  phone  lines  cost 
$34.99  per  month. 

Customers  can  save  money  by  getting  rid 
of  traditional  phone  lines  and  using  broad¬ 
band  Internet  links  for  phone  traffic.  A  user 
would  plug  his  regular  phone  into  a  Cisco 
analog  telephone  adapter  that  Vonage  pro¬ 
vided  and  connect  the  adapter  to  a  DSL  or 
cable  modem  connection.  It’s  ready  to  use 
once  Vonage  activates  the  service.  The 
adapter  converts  voice  traffic  to  IP  and 
passes  it  off  to  the  Internet  via  backbone 
providers  including  UUNET  and  AT&T. Calls 
can  be  completed  to  customers  served  by 
IP  providers  or  traditional  phone  carriers. 

Allen  Tsong,  managing  director  of  hand¬ 
bag-maker  Van’s  NY, says  his  company  uses 


Vonage’s  service  for  outgoing  calls 
because  it  costs  less  than  using  Verizon. 
Yan’s  still  uses  Verizon  for  incoming  calls  to 
its  toll-free  number.Tsong  plans  to  install  a 
PC-based  PBX  between  the  Verizon  and 
Vonage  phone  lines  and  the  telephone 
handsets  so  employees  don’t  have  to  worry 
about  picking  up  the  correct  phone.  The 
PBX  will  direct  outbound  calls  from  any 
phone  to  the  Vonage  lines. 

Because  its  services  are  based  on  IP  and 
Session  Initiation  Protocol,  Vonage  can 


blend  voice  with  data  to  create  new  ser¬ 
vices.  For  instance, Vonage’s  voice  mail  noti¬ 
fies  customers  via  e-mail  when  they  have  a 
voice  message.  Those  messages  can  be 
sent  as  audio-file  attachments.  Later  this 
year, Vonage  plans  to  roll  out  a  service  that 
enables  voice  phone  calls  from  computers 
using  telephony  software. 

The  service  has  limitations.  If  the  electric¬ 
ity  goes  out,  the  service  dies  unless  the  cus¬ 
tomer  has  a  back-up  power  supply  To 
See  Vonage,  page  34 
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EYE  ON  THE 
CARRIERS 

Johna  Till 
Johnson 


Last  week  I  heard  words  I  never 
thought  would  come  from  the  mouth 
of  a  telco  executive:  “We  like  to  pro¬ 
vide  bandwidth  when  we  can,  but  we’re  a 
managed  services  provider.” 

At  long  last,  a  faint  indication  that  telcos 
might  be  getting  the  message  that  it’s  not 
about  bandwidth,  it’s  about  services. 

So  here’s  a  question:  If  telcos  start  posi¬ 
tioning  themselves  as  service  providers, 
what  does  that  mean  for  IT  executives?  For 
starters,  they  need  to  think  about  revamp¬ 
ing  their  organizations  to  better  manage 
their  providers.  Some  recommendations: 

•  Institute  effective  best  practices  for  ser¬ 
vice  selection  and  provider  procurement. 


How  to  better  manage  your  service  providers 


Specifically  institute  a  formal  procurement 
process. 

Start  by  defining  the  business  needs 
then  moving  on  to  technical  require¬ 
ments.  In  other  words,  don’t  assume  the 
requirement  is  for  frame  relay  if  the  busi¬ 
ness  need  is  really  high-speed  connectiv¬ 
ity  to  branch  offices.  Depending  on  the 
applications  being  supported,  IP  Security 
or  Multi-protocol  Label  Switching  IP  VPNs 
also  might  be  a  fit. 

Once  you’ve  established  requirements, 
define  selection  criteria  for  the  services. 
Then  take  a  weighted-scorecard  approach 
to  evaluating  RFPs.with  each  selection  cri¬ 
terion  assigned  the  appropriate  weight 
that’s  based  on  your  organization’s  goals 
and  requirements.  This  approach  not  only 
generally  delivers  the  best  solution,  it  also 
cuts  down  immeasurably  on  the  political 
warfare  that  often  surrounds  the  procure¬ 
ment  process. 


•  Create  and  train  an  effective  negotia¬ 
tions  team.  Most  carrier  negotiations  are 
handled  by  the  procurement  department, 
with  help  from  the  legal  team,  with  the  fun¬ 
damental  goal  of  obtaining  the  best  price. 
But  for  services  in  which  terms  and  condi¬ 
tions  might  matter  more  than  the  price,  the 
negotiations  team  needs  enhancing. 

An  effective  service  provider  negotiation 
team  should  include  a  technical  represen¬ 
tative  from  IT  and  representation  from  the 
business  units  (who  have  the  best  insight 
on  what  services  are  and  aren’t  required). 
Of  course,  the  procurement  folks  are  still 
key  —  they’re  the  people  who  will  succeed 
in  closing  the  most  favorable  terms  and 
conditions. 

•  Establish  a  vendor  management  team. 
Managing,  suppliers  requires  a  mix  of 
human  and  project  management  skills  to 
ensure  that  the  right  services  are  delivered 
on  time.  Many  IT  departments  have  a  lack 


of  both  types  of  expertise  —  which  means 
they’ll  need  to  recruit  talent  (either  from 
within  or  outside  the  company). 

•  Appoint  internal  customer  liaisons. 
These  individuals  are  chartered  with  ensur¬ 
ing  the  services  that  have  been  negotiated 
and  delivered  meet  the  needs  of  the  busi- 
ness.This  means  working  closely  with  busi¬ 
ness  units  to  understand  those  needs  and 
then  communicating  them  back  to  IT  — 
which  is  the  role  of  a  customer  liaison. 

•  Finally,  establish  cost  and  performance 
benchmarks  upfront, and  revisit  them  regu¬ 
larly.  This  lets  you  gauge  the  performance 
of  your  service  providers,  but  also  gives  you 
important  feedback  as  to  your  own  ability 
to  effectively  manage  the  service  provider. 

Johnson  is  president  and  chief  research 
officer  at  Nemertes  Research ,  an  indepen¬ 
dent  technology  research  firm.  She  can  be 
reached  at  johna@nemertes.com. 


Vonage 

continued  from  page  33 

get  911  calls  to  work,  customers  have  to 
register  the  physical  location  of  the  phone 
in  a  database  so  police  and  fire  depart¬ 
ments  know  where  to  respond.  Traditional 
phone  networks  link  phone  numbers  to  a 
particular  pair  of  wires  that  can’t  be  moved, 
but  the  Cisco  adapter  can  be  moved  to  any 
Internet  connection.Also.it  is  cumbersome 
to  add  a  second  phone  line  because  it 


requires  stringing  together  two  adapters. 

Tsong  says  Vonage  relies  on  its  customers’ 
ISP  to  deliver  a  broadband  Internet  con¬ 
nection,  and  that  means  if  the  ISP  has  a 
problem,  so  does  the  Vonage  service. 

For  an  extra  $4.99  per  month, per  number, 
customers  can  buy  extra  phone  numbers 
for  the  same  line.  So  a  single  Vonage  cus¬ 
tomer  phone  can  receive  calls  based  on  a 
variety  of  phone  numbers  with  a  variety  of 
area  codes.This  lets  people  dial  local  num¬ 
bers  in  several  different  cities  and  connect 


with  a  single  Vonage  phone  line,  similar  to 
toll-free-number  service,  but  less  expensive. 
Even  though  toll-free  service  works  any¬ 
where, Vonage  supports  phone  numbers  in 
only  137  of  about  300  area  codes  in  the  U.S. 

For  Internet  connections  where  band¬ 
width  might  be  pinched  because  an  ISP  is 
oversubscribing  its  network,  customers  can 
go  online  to  turn  on  voice  compression, 
shrinking  the  bandwidth  needed  for  a  call 
to  an  eighth  or  less  of  its  uncompressed 
size.They  also  can  set  call-forwarding  num¬ 


bers  and  activate  or  deactivate  features 
such  as  caller-lD  blocking. 

Vonage  says  it  will  add  conferencing  and 
auto-attendant  services  by  year-end. 

Vonage  opened  in  2002  and  says  it  has 
30,000  customers.  Business  customers  are 
growing  as  a  percentage  of  total  customers. 
In  March,  5%  of  customers  were  businesses 
and  that  grew  to  7%  in  May  It  is  now  10%. 

The  company  offers  services  in  3 1  states 
with  firm  plans  to  add  six  more  by  early 
next  year.  ■ 


Tired  of  Sluggish 
Network  Performance  r 


You  Need  Belden’s  New  DataTwist  600e  — 

The  Only  Network  Cable  That  Guarantees  Performance  Beyond  Category  6  Standards. 

Suddenly,  as  quickly  as  Category  6  cable  performance  standards  have  been  adopted.  Belden 
has  made  them  obsolete.  DataTwist  600e  UTP  networking  cable  was  developed  not  only  to  meet 
Category  6  standards,  but  also  to  provide  significant  amounts  of  headroom  above  and  beyond 
them  —  guaranteed.  It’s  the  industry’s  only  UTP  cable  with  guaranteed  performance  to  600  MHz. 

The  secret?  Belden's  unique,  patented  Bonded-Pair  technology  that  ensures  uniform  conductor- 
to-conductor  spacing  to  eliminate  performance-robbing  gaps  between  pairs... coupled  with 
the  patented  e-Spline  design  that  provides  consistent  pair-to-pair  spacing 
by  placing  pairs  in  individual  chambers. 

The  result: 


•  8  dB  of  Power  Sum  NEXT  headroom  over  Category  6  —  guaranteed. 

•  Nearly  5  dB  of  return  loss  improvement  over  Category  6 
at  100  MHz  —  guaranteed. 

•  An  attenuation  margin  over  Category  6  standards  —  guaranteed. 

•  Positive  Power  Sum  ACR  to  460  MHz  —  guaranteed. 

%  \ 

All  of  which  means  better  and  faster  performance  for  you. 

For  more  information  call  1-800-BELDEN-4  to  get  your 
FREE  copy  of  the  DataTwist  600e  New  Product  Bulletin. 

www. belden. com/DT600eNW.  pdf 


DuPont  is  the  sole 
supplier  ol  FEP  Tetlon 
insulation  material  used 
in  the  plenum  product. 
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Companies  everywhere  are  facing  a  new  kind  of  threat. 
Fortunately,  there’s  a  new  level  of  protection. 


Introducing  Application  Intelligence  only  from  Check  Point. 

The  Internet  is  evolving.  So  is  the  technology  that  keeps  it  secure.  Now  Check  Point  introduces 
Application  Intelligence— a  major  breakthrough  in  the  evolution  of  Internet  security  and  a  definitive 
response  to  the  growing  problem  of  application  level  attacks.  With  Application  Intelligence  integrated 
into  Check  Point  FireWall-1  and  Smart  Defense,  your  business-critical  systems  are  safe  from  both 
network  and  application  level  attacks.  By  providing  the  world’s  only  truly  integrated  security  infrastructure, 

Check  Point  centralizes  and  strengthens  your  defense  against  attack  at  every  level,  every  location.  Want 
to  take  Internet  security  to  the  next  level?  Get  the  revealing  new  white  paper  that  tells  you  everything 
you  need  to  know  about  the  latest  cyber  threats,  “Internet  Security  Redefined:  A  new  level  of  integration, 
a  new  level  of  protection.”  at  www.checkpoint.com/appint/nw 

.  We  Secure  the  Internet 


Check  Point 

SOTTWAfle  TECHNOLOGIES  LTD 
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ETHERNET:  Continues  to  grow  at  the  ripe  old  age  of 


Ethernet  It  isn’t  just  for  LANs  anymore 


■  BY  JIM  DUFFY 

Demand  for  Ethernet  equipment  and  services  is 

expected  to  grow  dramatically  in  the  coming  years 
because  of  the  technology’s  familiarity  ease  of  use 
and  technical  advancements. 

Ethernet  has  been  the  dominant  LAN  transport  protocol 
in  corporate  networks  for  almost  30  years.  But  now  carri¬ 
ers  are  using  it  to  inexpensively  build  high-performance 
networks  using  switches,  optical  transport  gear  and 
installed  fiber,  to  offer  services  that  extend  Ethernet  from 
the  LAN  to  the  metropolitan-area  (MAN)  and  WAN. 

The  growth  in  data  services  translates  into  growth  for 
Ethernet  equipment  and  services  in  the  carrier  net¬ 
work.  SONET  networks  are  optimized  for  voice  and  do 
not  inherently  provide  efficient  bandwidth  utilization 
for  data. 

Moreover,  the  ubiquity  of  Ethernet  in  corporations 
makes  it  an  especially  attractive  service  as  carriers 
attempt  to  provide  “seamless”  connectivity  from  the 
company  through  the  MAN  and  WAN.  And  Ethernet 
offers  operational  simplicity  because  of  decades  of 
user  experience. 

Finally  Ethernet  presents  a  relatively  inexpensive  alterna¬ 
tive  to  high-speed  services  provisioned  from  legacy  inter- 
faces.This  cost-effectiveness  is  driving  carrier  interest  in 
Ethernet  now  and  should  continue  to  do  so  in  the  future, 
research  firm  Current  Analysis  says. 

In  the  MAN  market,  worldwide  Ethernet  equipment  rev¬ 
enue  hit  $2.5  billion  last  year, and  is  projected  to  grow  to 
$5.7  billion  by  2006,  according  to  Infonetics  Research. 
Worldwide  metropolitan  Ethernet  equipment  ports 
reached  756,000  in  2002  and  will  more  than  quadruple  to 
3.3  million  by  2006,  according  to  the  firm. 

Compared  with  SONET,  Ethernet  will  account  for  a  larg¬ 
er  portion  of  carriers’ capital  expenditures  for  the  MAN, 
Infonetics  predicts.  Infonetics  co-founder  and  principal 
analyst  Michael  Howard  predicts  that  Ethernet  will  “take 
over  the  metro"  in  the  next  10  years. 

As  carriers  upgrade  their 
backbone  networks  to  10G 
bit/sec,  they  also  are  looking  to 
support  end-to-end  Gigabit 
Ethernet  services. 


Even  with  the  pressure  of  decreasing  capital  expendi¬ 
tures  —  carriers  have  cut  spending  by  half  or  more  over 
the  past  two  years  —  service  providers  are  investing  in 
metropolitan  Ethernet  equipment  to  respond  to  customer 
demand  or  risk  losing  customers  to  a  competitor, 
Infonetics  says. 

But  are  Ethernet  services  really  new?  Incumbent  carri¬ 
ers  have  offered  transparent  LAN  services  (TLS)  over 
Ethernet  for  years,  but  these  have  largely  been  niche 
products,  according  to  Current  Analysis. 

It  wasn’t  until  the  emergence  of  metropolitan  Ethernet 


More  than  transport 

As  Ethernet  pervades  the  carrier  network, 
value-added  services  are  predicted  to  drive 
growth. 

U.S.  retail  metropolitan  Ethernet  services  (in  billions) 
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SOURCE:  TIA's  2003  TELECOMMUNICATIONS  MARKET  REVIEW  AND  FORECAST 


providers  —  such  as  Cogent  Communications, Telseon 
and  Yipes  —  in  the  mid-  to  late-1990s  that  regional  Bell 
operating  companies,  incumbent  local  exchange  carriers 
and  interexchange  carriers  felt  compelled  to  offer 
Ethernet  as  a  faster  and  more  widely  available  service. 
AT&T,  BellSouth,  Qwest,  SBC  and  Verizon  offer  Gigabit 
Ethernet  services  either  throughout  or  in  select  areas  of 
their  coverage  territories. 

BellSouth  has  offered  its  dedicated  Native  Mode  LAN 
Interconnection  (NMLI)  metro  TLS  service  for  nine 
years  at  10M  bit/sec  and  then  100M  bit/sec. The  RBOC 
pumped  NMLI  up  to  1G  bit/sec  last  year,  and  it  also  now 
supports  both  shared  and  dedicated  connectivity,  says 
Bob  Smith,  BellSouth  senior  director  of  data  transport 
and  connectivity. 

“It’s  the  fastest  growing  enterprise  data  product  for 
BellSouth, "Smith  says  of  NMLI. 

Carriers  view  Gigabit  Ethernet  service  as  a  natural 
extension  of  TLS  services  they’ve  offered  for  years,  ana¬ 
lysts  say. 

“It’s  basically  about  the  same  as  TLS  but  with  more  fea¬ 
tures  underneath,”  Howard  says. 

Carriers  are  now  offering  virtual  LAN  (VLAN)  capabili¬ 
ties  with  their  TLS  offerings,  lowering  prices  and  expand¬ 
ing  connectivity  options  beyond  SONET,  for  example  via 
the  emerging  Resilient  Packet  Ring  standard,  Howard 
says.They  plan  to  take  Ethernet  beyond  simple  metropoli¬ 
tan  and  Internet  access  connectivity  to  a  provisioning 
conduit  for  voice  over  IP  (VoIP),  IP  VPNs  and  videocon¬ 
ferencing  as  IP  quality  of  service  and  class  of  service  stan¬ 
dards  are  ironed  out,  according  to  Current  Analysis. 

BellSouth  plans  to  offer  NMLI  as  a  committed  rate  ser¬ 


vice  of  20M  to  500M  bit/sec  with  bursting.The  RBOC  also 
plans  to  add  traffic  prioritization  forVoipiP  multicast  sup¬ 
port, VLAN  stacking  (so  multiple  VLANs  can  share  the 
same  circuit),  automatic  protection  switching  and  ser¬ 
vice-level  agreements,  Smith  says. 

BellSouth  also  will  offer  metropolitan  Ethernet  as  an 
access  option  to  network  VPN  and  dedicated  Internet 
access  services,  he  says. 

Carriers  are  looking  to  standardize  Ethernet  offerings. 
Those  participating  in  the  Metro  Ethernet  Forum  are 
establishing  common  specifications  —  and  nomencla¬ 
ture  —  for  so-called  E-line, or  point-to-point  Ethernet  ser¬ 
vices,  and  E-LAN,  or  multipoint  TLS  services. 

Technology  advances  also  are  helping  to  spread 
Ethernet  throughout  the  carrier  cloud.  Until  now,  Ethernet 
services  have  been  used  primarily  for  metropolitan-area 
connections.  But  as  carriers  upgrade  backbone  networks 
to  10G  bit/sec,  they  also  are  looking  to  support  end-to-end 
Gigabit  Ethernet  services. 

Multi-protocol  Label  Switching  (MPLS)  also  is  helping 
usher  in  the  era  of  Ethernet  service  ubiquity  MPLS’s  Draft 
Martini,  which  defines  Layer  2  VPN  encapsulation  over 
MPLS,  is  garnering  interest  among  service  providers  and 
support  among  equipment  vendors  as  a  way  to  support 
Ethernet,  legacy  frame  relay  and  ATM  services  over  an 
IP/MPLS  backbone. 

MPLS  also  is  being  evaluated  as  a  way  to  provide 
SONET-like  resiliency  —  what  some  consider  the  key 
aspect  of  being  “carrier-class” —  to  Ethernet.  MPLS  is  the 
underpinning  of  an  emerging  service  called  Virtual 
Private  LAN  Services  (VPLS),a  point-to-multipoint 
Ethernet  offering  that  provides  connectivity  from  one  site 
to  many  vs.  the  one  site-to-one  site  limit  of  point-to-point 
service. 

“Offering  an  any-to-any, shared  solution  is  the  future  of 
Ethernet  services,”  says  Nick  Maynard,  an  analyst  at  The 
Yankee  Group. 

VPLS  uses  MPLS  and  its  Draft  Martini  specifications  to 
scale  Ethernet  by  pushing  media  access  control  address 
learning  out  to  the  edge  of  the  network, says  Ralph 
Ballad,  vice  president  of  broadband  at  SBC. 

SBC  is  readying  a  VPLS-based  TLS  service  for  the  sec¬ 
ond  half  of  this  year,  Ballad  says. 

“It’s  going  pretty  much  as  planned,”  Ballad  says.“We 
were  looking  for  IETF  standards  on  VPLS  that  scale 
Ethernet.  And  management  is  always  an  issue." 

SBC  offers  GigaMAN,  a  point-to-point  Ethernet-over-fiber 
service;  and  Fast  and  Gigabit  Ethernet  on  its  Multi-Service 
Optical  Network  point-to-point  and  ring-based  managed 
wavelength  service. 

Masergy  Communications,  a  service  provider  that  oper¬ 
ates  a  global  IP/MPLS  backbone,  recently  announced  a 
VPLS  service.The  company’s  inControl  VPLS  offering 
extends  customers’  LANs  across  WANs  providing  meshed 
Layer  2  multipoint  connectivity 

VPLS  lets  Masergy  divide  its  network  into  separate,  inde¬ 
pendent  logical  switching  areas  so  a  customer’s  VPN  is 
isolated  from  all  other  traffic  within  the  Masergy  network. 

“We’re  seeing  Ethernet  move  beyond  just  point-to-point 
offerings  on  dedicated  facilities, "Yankee  Group’s  Maynard 
says. “All  major  carriers  are  in  the  middle  of  rolling  out  the 
next  steps  in  their  podfolios"  ■ 
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VoIP’s  hidden  costs 

Bring  on  the  VoIP  apps 

Taking  the  threat  out  of  IP  voice 


I  want 

a  truly 
converged 
VoIP  solution 
that  makes  my 
business  more 
efficient. 


We  want  value.  One  simple  solution,  from  one  company. 
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MCI 
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Don’t  let 
those 
sneaky 
project 
expenses 
blow  your 
VoIP 
budget. 


■  BY  JULIE  BORT 


You've  squeezed  every  bit  of  efficiency 

from  your  IT  infrastructure  and  have  start 
ed  thinking  the  time  might  be  right  for 
voice  over  IP  and  its  promised  grand  benefits. 


Thornton  has  undergone  a  multiphase  project  to  upgrade  telecom 
equipment.  As  part  of  that  project,  about  18  months  ago  it  imple¬ 
mented  an  Avaya  VoIP  system  for  sending  IP-encased  voice  over  a 
frame  relay  network  connecting  48  offices  nationwide.  In 
November,  the  company  will  begin  using  IP  over  T-l  lines,  and 
implement  quality  of  service  for  voice  calls. 

But  Grant  Thornton  had  not  performed  a  comprehensive  voice 
traffic  study  before  implementing  the  VoIP  service.  It  wasn’t  until 
after  deploying  VoIP  that  Lopez  discovered  a  large  percentage  of 
long-distance  calls  were  between  employees.  While  that  was  good 
news  —  as  it  meant  a  40%  reduction  in  long-distance  fees  —  had 
Lopez  known  about  that  calling-pattern  beforehand,  he  could 
have  provisioned  bandwidth  differently.  He  now  is  reconfiguring 
some  trunks  to  better  handle  the  traffic  flows,  he  says. 

VoIP  traffic  studies  should  include  analysis  of  bandwidth  usage, 
availability,  calling  rates,  latency  and  jitter,  says  Jorge  Blanco,  a 


After  all.  one  physical  infrastructure  for  voice  and  data  is  more 
efficient  than  dual  networks.  What  vendors  don’t  always  mention 
is  that  achie\ing  impressive  ROI  requires  budgeting  for  potentially 
hidden  costs. 

VoIP  implementation  costs  can  range  vastly,  from  $20  to  $150 
per  user  (with  a  typical  installation  being  in  the  $20-to-$30  range), 
vendors  say.  Of  course,  larger  companies  have  more  negotiating 
power  with  vendors  to  bring  their  projects  in  at  the  lowest 
per-user  costs.  Beyond  that,  if  you  want  your  costs  to  be 
as  low  as  they  can  be,  you'll  need  to  avoid  surprises. 

That  starts  with  an  accurate  financial  assessment. 

In  addition  to  the  IP  PBX  and  gateways,  consider 
these  items  for  your  project  budget: 

•  A  comprehensive  traffic  study.  Users  say 
your  VoIP  project  should  begin  with  a  com¬ 
prehensive  network  and  telecom  usage-pat¬ 
tern  analysis,  whether  performed  in-house 
or  by  a  consultant.  A  thorough  check  of  the 
network  with  a  detailed  traffic  study  is  “a 
beautiful  thing. 


says  Kevin  Lopez,  nation¬ 
al  manager  of  telecommunications  for 
accounting  services  firm  Grant  Thornton 
in  Chicago.  "It  will  help  you  know  what 
kind  of  trunking  and  bandwidth  you  need, 
see  what  you  are  going  to  do  and  where 
you  are  going  to  do  it.” 

Lopez  learned  that  lesson  the  hard  way. 
To  standardize  its  voice  across  multiple 
offices  and  ultimately  reduce  costs,  Grant 


Jim  Barry,  CIO  at  Onellnited  Bank; 
not  only  saved  thousands  of  dollars 
per  month  by  moving  to  VoIP  oyer 
Centrex,  he  also  cut  $60,000  from 
VoIP  implementation  costs  simply  by 
choosing  generic  digital  handsets.  ... 
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vice  president  for  Avayas  converged  systems  and  applica¬ 
tions  group.  Such  analysis  is  typically  within  the  abilities 
of  network  staff.  But  should  your  staff  be  too  overloaded, 
your  VoIP  vendor  can  do  it  for  $5,000  to  $10,000,  Blanco 
estimates.  In-house  or  not,  the  budget  should  reflect 
expenses  incurred  in  a  traffic  study 

•  Infrastructure  upgrades.  VoIP  depends  on  a  state-of- 
the-art  switched  network.  If  you  still  use  shared  links  to 
the  desktop  and  have  a  closet  full  of  ancient  equipment, 
you’re  looking  at  a  forklift  upgrade. Tying  VoIP  into  an 
overhaul  could  be  wise,  as  its  cost  savings  can  help  offset 
the  expense  of  new  gear  faster  than  an  upgrade  for  data 
applications  only 

But  even  a  network  that  is  up  to  snuff  likely  will  need 
some  infrastructure  tweaks.  Modest  server  and  router 
upgrades  were  in  store  for  Steve 
Eager,  director  of  network  and  sys¬ 
tems  administration  for  NFL  Films, 
the  filmmaking  arm  of  the  * 

National  Football  League,  in  * 

Mount  Laurel,  N.J. 

Upon  moving  into  a  new  build¬ 
ing  in  April  2001 ,  NFL  Films  con¬ 
verted  its  nearly  500  phones  to  a 
Cisco  VoIP  system. That  meant  licensing  Cisco’s 
CallManager  software  and  buying  Cisco-certified  servers 
to  run  that  software  and  Cisco  routers  to  handle  the  traf¬ 
fic  uptick  VoIP  would  cause.  Eager  also  purchased  in-line 
power  blades  for  the  company’s  Cisco  4006  switches.  In¬ 
line  power  supplies  electricity  to  IP  phones  through 
Ethernet  wiring,  so  electrical  wiring  and  jacks  are  unnec¬ 
essary.  All  told,  Eager  says  he  spent  about  $150,000  for  net¬ 
work-related  upgrades  and  saved  at  least  $200,000  in 
wiring  costs.  Plus,  he  avoided  buying  a  new  PBX  system 
for  the  new  building,  which  he  estimates  would  have  cost 
$250,000. 

Consider,  too,  if  you  want  to  run  data  on  your  VoIP  net¬ 
work  regularly  or  only  on  an  as-needed  basis.  At  Grant 
Thornton,  Lopez  retained  an  existing  Cisco  router  net¬ 
work  for  data  transport.“If  the  Cisco  routers  go  down,  we 
can  failsafe  over  to  the  Cajun  routers.  We  spent  a  little  bit 
more  money  but  have  a  built-in  failsafe,”  he  says. 

Such  a  tactic  means  higher  upfront  costs,  although  it 
could  result  in  long-term  savings  compared  with  a  back¬ 
up  plan  that  has  useful  equipment  sitting  idle,  waiting  for 
the  main  gear  to  fail. 

•  IP  phones.  IP  phones  come  in  two  flavors,  hardware 
handsets  and“softphones.’’Softphones  are  client-side  code 
hooked  up  to  digital  handsets.  Prices  vary  with  an  IP  hand¬ 
set  ranging  from  $150  to  $700  —  depending  on  the  brand 
and  features  —  and  licenses  for  softphones  running  about 
$80  per  user,  for  a  50-user  pack.  Prices  for  IP  hardware 
handsets  are  dropping  but  remain  high  enough  to  be  of 
questionable  value,  even  their  vendors  admit.  If  you’re 
moving  into  a  new  building  and  can  justify  the  cost  with 
the  savings  obtained  from  in-line  power  —  as  was  the 
case  for  NFL  Films  —  they  could  be  a  good  choice. 

Soft  IP  phones  are  an  attractive,  money-saving  alternative. 
OneUnited  Bank  found  the  ideal  option.lt  moved  to  VoIP 
when  consolidating  calling  plans  for  its  12  offices  that  it 
operates  in  three  states, says  Jim  Barry  CIO  at  the  Boston 
firm.The  bank  ditched  its  Centrex  and  voice  mail  services 
in  favor  of  Shoreline  Communications’ Shoreline4  system, 
including  soft  IP  phones  but  not  IP  handsets  that  would 
have  cost  about  $600  apiece.  Instead,  Barry  decided  to  rely 
on  generic  digital  handsets  "!  saved  $60,000  on  the  phones 
alone.  Do  1  really  need  to  see  a  stock-quote  stream  display 
on  my  phone?  No’’  he  says  of  the  applications  he  forwent 
by  skipping  the  Shoreline  IP  handsets. 

But  don’t  shortchange  yourVblP  users  by  passing  over  IP 
phones  altogether,  users  say“lf  1  had  to  pick  one  of  my 

iv  rite  Avaya  products  it  is  the  IP  softphone,"  Lopez  says, 
naming  mobility  as  the  reason.  Hard  or  soft,  IP  phones  let 
roam  while  retaining  their  phone  numbers, internal 
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extensions  and  calling  configurations  (speed  dials, 
transfer/conferencing  functions). Softphones  are 
responsible  for  many  of  the  worker  productivity 
gains  commonly  associated  with  VoIP 

•  Inherent  cost  of  the  VoIP  system 
architecture.  The  cost  of  maintaining  the 
VoIP  network  depends  on  the  vendor’s  archi¬ 
tectural  approach, some  researchers  find.  In 
a  study  Shoreline  commissioned, The  Tolly 
Group  determined  that  VoIP  product  archi¬ 
tectures  fall  on  a  continuum,  from  most  com¬ 
plex  (and  expensive)  to  least  complex  (and 
expensive) .“Cisco  and  Shoreline  represent 
the  extremes,”  says  Kevin  Tolly  CEO,  and  a 
Network  World  columnist. 

Cisco,  at  the  complex 
end,  has  what  Tolly  dubs  an  “inva¬ 
sive”  architecture,  where  VoIP  is  an 
integral  part  of  the  data-switching 
infrastructure.“To  extend,  install, 
maintain,  upgrade  your  voice 
infrastructure,  you  have  to  per¬ 
form  open-heart  surgery  on 
your  switching  infra¬ 
structure,”  he  quips.This  forces  VoIP  system 
upgrades  into  the  higher-labor-cost,  off- 
peak  hours  (although  Cisco  has  A 

products  that  support  real-time 
maintenance),  and  it  traps  users  £MR 
into  whatever  equipment,  pricing 
and  patches  the  vendor  issues.  1111111 

In  contrast,  Shoreline  treats  VoIP 
more  like  an  application, Tolly  says. 

Or,  as  OneUnited’s  Barry  describes: 

“Cisco  anticipates  a  purely  Cisco  solution. 

Shoreline  anticipates  that  you’ll  use  its  switch¬ 
es,  and  after  that  what  you  use  is  up  to  you.”  Barry 
offers  the  generic  digital  phones  he  chose  as  a  mix- 
and-match  example. 

Because  OneUnited  does  not  use  Cisco  data 
switches,  going  with  a  Cisco  VoIP  network 
would  have  meant  hiring  a  high-priced  Cisco 
Certified  Internetwork  Engineer,  a  cost 
avoided  with  Shoreline,  Barry  says. 

On  the  other  hand,  NFL  Films’ 

Eager,  who  had  a  fully  trained 
staff  maintaining  its  Cisco  data 
gear,  chose  Cisco’s  VoIP  equip¬ 
ment  to  get  single-vendor  tech¬ 
nical  support.This  was  a  soft 
cost-savings,  he  says. 

Tolly  refutes  this  as  A 

much  of  an  advan-  -Cl 

tage,  insisting  that 
“VoIP  phones 
and  switch  ports 
should  be  mix 
and  match”  with¬ 
out  much 
incompatibility 

In  any  case, 
think  through  the 
potential  of  hidden  costs 
in  the  VoIP  switch  architecture  you  choose. 

•  Performance  monitoring  tools.  One  final  but  signifi¬ 
cant  cost  comes  from  performance  monitoring,  as  VoIP 
will  require  tools  you  likely  don’t  own. "Voice  is  the  least 
forgiving  IP  application.  Any  more  than  a  half-second 
delay  makes  a  voice  connection  unusable. You  need  to 
track  not  just  uptime,  but  latencyfTolly  says,  adding  that 
tools  such  as  Agilent  Voice  Quality  Tester  or  NetlQ  Chariot 
can  cost  $50,000  and  for  a  large  WAN  with  many  remote 
sites,“cost  can  easily  be  in  the  six  figures.” 

You'll  have  to  budget  for  the  major  training. Telecom  pro- 
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Costs  and  the  rollout  plan 

Budgeting  For  VoIP  depends  on  which  offices  are 
upgrades  first:  headquarters  or  remote. 

Moving  to  voice  over  IP  requires  spending 
money  on  IP  PBXs  and  other  equipment.  But 
how  much  to  budget  even  for  that  depends  on 
your  approach  to  the  VoIP  rollout. 

Two  philosophies  exist.  One  is  to  start  small 
and  grow,  first  outfitting  a  remote  office  or  two. 
This  is  a  good  strategy  for  companies  that  need 
to  purchase  new  telephone  equipment  for  outly¬ 
ing  offices  —  either  to  update  aging  key  sys¬ 
tems,  to  standardize  a  hodgepodge  of  equipment 
or  when  building  new  remote  facilities,  says 
Mike  Kirch,  a  ROI  specialist  for  Cisco. 

Initial  capital  outlay  is  minimal.  Your  staff  can 
gain  experience  with  the  technology  on  a  small 
scale,  and  gather  usage,  cost  and  savings  sta¬ 
tistics  before  messing  with  a  functioning  mis¬ 
sion-critical  phone  system  at  headquarters. This 
lets  you  better  understand  the  needs  for  the 
largest  offices,  thereby  maximizing  ROI  as  you 
slowly  bring  VoIP  to  all  sites.  Savings  can  help 
offset  the  next  set  of  costs. 

The  second  philosophy  instead  says  to  do  the 
hubs,  then  the  spokes.  You  implement  VoIP  at  the 
main  office,  and/or  the  call  centers  and  large 
regional  offices.  You  then  tie  in  branch  offices 
using  smaller,  less  expensive  PBXs,  gateways  or 
hubs.  This  approach  offers  "the  highest  return 
over  the  life  of  an  enterprise  implementation," 
says  Jorge  Blanco,  a  vice  president  for  Avaya’s 
converged  systems  and  applications  group. 

This  plan  requires  the  highest  upfront  invest¬ 
ment  but  offers  several  advantages.  With  the  hub 
done,  VoIP  is  managed  centrally  from  the  get-go. 
Companies  engage  in  the  biggest  cost-savings 
for  their  largest  populations  of  users  first. 

This  is  a  good  method  for  companies  moving 
their  headquarters  into  new  buildings.  It  is  also 
appropriate  for  those  that  have  been  using  out¬ 
sourced  PBX  services  such  as  Centrex. 

To  decide  which  is  right  for  you,  "look  for  a  pay¬ 
back  period  of  less  than  a  year,"  advises  Ian 
Campbell,  CEO  of  Nucleus  Research,  which  spe¬ 
cializes  in  IT  ROI  research.  If  you  can't  get  such 
quick  payback  periods,  he  adds,  “don’t  do  it."  A 
wireless  IP  WAN  might  help  with  toll  bypass,  or 
your  long-distance  provider  will  renegotiate 
lower  rates  for  you,  he  says.  "Think  about  nego¬ 
tiating  before  doing  yourVolP  ROI  calculations." 

—  Julie  Bort 


tocols  such  as  H.323, Session  Initiation  Protocol  and  G71 1 
have  steep  learning  curves  and  are  foreign  territory  for 
data  guys, Tolly  says.  Likewise,  if  you’re  going  to  ask  your 
company  fo  put  its  voice  lifeblood  in  your  data  network 
veins, you’ll  need  a  method  to  audit  performance.Tolly 
recommends  buying  service-level  agreement  (SLA)  moni¬ 
toring  tools,  from  Racketeer  or  Sitara  Networks.  Doing  so 
will  require  enough  funds  to  place  SLA  monitoring  at 
every  significant  remote  at  roughly  $2,000  per  box. 

While  VoIP  can  have  its  long-term  financial  benefits  and 
hearty  ROI,  calculating  the  costs  is  surely  the  first  step  ■ 
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enhanced  cus¬ 
tomer  service. 


BY  PHIL  HOCHMUTH 

Voice  over  IP  was  once  marketed 
purely  as  a  money  saver.  But  in¬ 
creasingly,  companies  are  choos¬ 
ing  to  build  a  VoIP  infrastructure 
as  much  for  the  applications  it  will  enable 
as  the  long-term  dollars  it  could  save. 

“It  is  kind  of  a  ‘tastes  great,  less  filling’  argument,  in 
terms  of  applications  vs.  cost  savings,”  says  Brian 
Strachman,  an  analyst  with  In-stat/MDR. 

While  many  corporate  users  still  look  for  ROI  from 
long-term  savings  in  areas  such  as  administration  and 
long-distance  charges,  Strachman  stresses  that  VolP- 
enabled  applications  are  where  the  real  opportunities 
lie.“The  industry  can’t  base  its  whole  future  on  saving  a 
few  bucks.The  long-term  future  of  voice  over  IP  is  going 
to  be  in  the  applications  area,”  he  says. 

VoIP  vendors  are  starting  to  focus  on  that  future.They 
are  pushing  to  establish  application  development  pro¬ 
grams  and  partnerships  for  IP  telephony,  and  shifting 
marketing  focus  from  cost  savings  to  productivity  appli¬ 
cations.  The  goal  is  to  make  voice  an  integrated  software 
component  in  messaging  and  other  enterprise  applica¬ 
tions.  Some  vendors  promise  integration  of  IP  PBXs  with 
back-end  business  systems,  while  others  are  adding 
functions  to  IP  phones  aimed  at  turning  the  devices  into 
Java-  and  XML-based  network  terminals. 

And  a  handful  of  enterprise  users  have  started  taking 
advantage  of  VoIP-enabled  applications  to  increase  pro¬ 
ductivity,  enhance  customer  service  or  otherwise  im¬ 
prove  their  businesses.  Here’s  a  look  at  how  four  compa¬ 
nies  are  VolP-enabling  business  applications. 

A  unified  salesforce 

Prudential  Northwest  Properties,  a  real-estate  firm  with 
20  locations  in  the  Pacific  Northwest,  says  it  hopes  a 
VoIP-enabled  unified  messaging  application  will  make  its 
always-on-the-go  real-estate  agents  more  assessable  and 
productive“Unified  messaging  is  very  important  to  us,” 
says  Sean  McRae,  CIO  for  the  Portland, Ore., company. 
“Our  agents  are  always  out  in  the  field,  so  we  had  to  find 
technology  to  help  break  the  chains  to  the  desktop.” 

For  its  VoIP  infrastructure.  Prudential  Northwest  Prop¬ 
erties  uses  3Com’s  NBX  IP  PBXs,  IP  phones,  Comm  Works 
VoIP  Gateway  and  its  carrier-class  Comm  Works  Softswitch 

See  Apps,  page  S8 
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with  Unified  Communications  software. The  CommWorks 
Softswitch,  which  runs  on  redundant  Sun  Solaris  servers, 
is  located  at  a  central  site,  while  the  NBXs,VoIP  gateways 
and  IP  phones  operate  in  the  larger  branch  offices.  NBXs 
in  the  branches  tie  into  the  centralized  CommWorks 
Softswitch,  via  the  gateways,  as  a  single  phone  system  with 
one  database  for  management,  administration  and  system 
configuration.  Smaller  offices,  those  with  five  to  10  agents, 
get  the  3Com  phones  and  CommWorks  VoIP  Gateways, 
but  not  the  NBXs.The  central  CommWorks  Softswitch  pro¬ 
vides  the  call  control,  features  and  public  network  con¬ 
nectivity  for  those  offices. 

The  Unified  software,  which  supports  the  IETF’s  Session 
Initiation  Protocol  (SIP)  for  real-time  communications, 
ties  together  voice  mail,  fax  and  e-mail  systems.  From 
Microsoft  Outlook  e-mail  clients,  Prudential  Northwest 
Properties’  700  agents  can  get  voice  and  fax  messages. 

Or  the  agents  can  get  e-mail  while  on  the  road  by  call¬ 
ing  into  the  system.  A  text-to-speech  server  application 
reads  the  messages  to  them.  While  all  offices  are  not  yet 
on  the  IP  telephony  system,  every  agent  has  access  to 
the  Unified  applications. 

“The  [Unified]  software  gives  our  agents  the  ability  to 
sit  down  in  a  Starbucks  [with  Wi-Fi  hot  spot  service]  and 
wirelessly,  from  a  single  application,  pull  up  all  the  paper¬ 
work  for  any  transaction  —  all  the  e-mails,  forms  and 
faxes  are  right  there,”  McRae  says. 

He  adds  that  coffee  shops  have  become  a  favorite  place 
among  Prudential  Northwest  Properties  agents  for  con¬ 
ducting  business.The  payoff  has  been  huge,  McRae  says. 
“We  did  an  analysis  and  found  that  our  Unified  Commun¬ 
ications  users  were  saving  about  20  minutes  a  day  by 
more  efficiently  handling  their  messages.  Having  700 
agents  doing  their  job  more  efficiently  every  day  52  weeks 
a  year  —  that’s  the  value  proposition  right  there,”  he  says. 

VoIP  chemistry 

Bill  Copple,  director  for  a  massive  VoIP  project  at  Dow 
Chemical  in  Midland,  Mich.,  agrees  about  the  value 
proposition  ofVolP-enabling  unified  messaging.  Dow  is 
deploying  unified  messaging  to  more  than  50,000  employ¬ 
ees  as  part  of  the  company’s  DowNET  project,  launched 
in  2001  with  the  help  of  Electronic  Data  Systems.The  goal 
of  DowNET,  which  is  due  to  be  completed  by  year-end,  is 
to  get  every  Dow  employee  on  a  unified  voice,  messaging 
and  video  system  based  on  Cisco’s  Architecture  for  Voice, 
Video  and  Integrated  Data  equipment.  (See  related  story, 
right,  for  Dow’s  approach  to  IP  video.) 

Dow  is  deploying  hundreds  of  Cisco  CallManager  IP 
PBXs  and  thousands  of  Cisco  IP  phones  at  facilities  in  35 
countries,  with  the  whole  system  connected  across 
Dow’s  global  private  IP  WAN.  Cisco  Unity  unified  messag¬ 
ing  servers  provide  voice,  fax  and  e-mail  access  via  one 
Microsoft  Outlook  in-box. 

Rolling  out  VoIP-enabled  applications  can  be  challeng¬ 
ing,  especially  when  it  comes  to  as  sizable  a  deployment 
as  Dow’s.The  company  has  encountered  problems  rang¬ 
ing  from  end-user  training  to  technology  migration  at 
sites  around  the  globe,  Copple  says. 

With  all  the  new  features  brought  by  IP  telephony  and 
unified  messaging,  the  technology  comes  with  a  learn¬ 
ing  curve,  he  notes.“Employees  had  to  relearn  new  com¬ 
mands  and  phone  capabilities.  While  we  had  a  good 
training  program,  it  was  not  initially  hands-on  early 
enough  in  the  process;  this  has  been  corrected,”  he  says. 

Dow’s  IT  staff  also  has  evolved  with  DowNET“Another 
challenge  was  the  level  of  variability  in  the  network  and 
messaging  infrastructure  across  Dow  sites  globally) 
t  <  |  >ple  says. “We  underestimated  how  important  this  was 
from  one  site  to  the  next.  One  of  Dow's  IT  principles  is  to 
implement  standard  solutions  across  the  enterprise. Our 


initial  approach  was  to  uplift  all  the  technology  within  a 
site  and  then  go  to  the  next  site.  While  this  implementa¬ 
tion  approach  has  been  successful  in  the  past . . .  we 
found  that  with  DowNET  we  needed  a  more  layered 
strategy’ 

Over  the  past  year,  Dow  has  changed  its  strategy 
by  upgrading  LAN  and  WAN  infrastructures  for  sup¬ 
porting  voice,  followed  by  unified  messaging,  with 
IP  telephony  being  the  last  stage  of  a  site  deploy¬ 
ment. 
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VoIP-based  room  service 

While  Dow  grapples  with  VoIP-enabled  unified  mes¬ 
saging,  a  new  Boston  hotel  is  counting  on  VoIP  to  help 
it  provide  top-rate  customer  service.The  Hotel 
Commonwealth  in  Boston’s  Back  Bay  neighborhood 
offers  its  guests  a  laundry  list  of  high-end  amenities, 
including  down-filled  pillows  and  comforters,  70  cable 
TV  channels  and  in-room  DVD  players  —  not  to  men¬ 
tion  SIP-based,  Java-enabled  IP  phones  that  offer  a 
guest  portal. 

To  provide  premier  service,  the  month-old  hotel 
uses  an  integrated  system  of  customer  relation¬ 
ship,  ordering  and  billing  software  on  the  back 
end,  with  Pingtel  IP  screen  phones  as  guest 
portals  in  the  hotel  rooms.The  phones  run  on 
a  converged  voice  and  data  network  built  with 
Alcatel’s  SIP-based  OmniPCX  Enterprise  IP 
PBX  at  the  core.  A  guest  can  order  a  meal,  rent  W 
complementary  DVD  movies  from  a  nearby 
Blockbuster  or  browse  a  list  of  other  hotel  services 
from  the  phone’s  PDA-sized  touch  screen. 

“The  screen  phones  are  a  less-intrusive  way  of  let¬ 
ting  guests  know  what  services  the  hotel  has  to 
offer)  says  Stewart  Randall,  principal  consultant  at 
Communicates  Design  Associates,  an  IT  services  firm 
that  helped  design  and  install  the  VoIP  infrastructure. 
Randall  says  the  hotel  wanted  to  avoid  standard 
guest  information  systems,  such  as  TV  channels 
that  come  up  when  the  TV  is  turned  on  and  con¬ 
tinually  broadcast  hotel  services.“Our  system  is 
like  sending  instant  messages  to  guests  without 
bothering  them,”  he  says. 

For  hotel  personnel,  the  phones  act  as  Java- 
based  clients  for  an  internal  Web-based  direc¬ 
tory  server  used  to  push  out  content.The 
hotel  staff  keeps  offerings  fresh  using  sim¬ 
ple  tools  for  creating  and  formatting  con¬ 
tent  for  the  phones. 

Of  course,  guests  can  talk  on  the  phones, 
too.  Randall  says  the  voice  quality  on  the 
network  is  as  good  as  any  hotel  phone  system 
and  that  many  telephony  features  such  as 
voice  mail,  multiple  lines  and  speakerphones 
are  available  to  guests.  For  frequent  visitors  or 
long-term  guests,  the  system  can  remember 
and  save  individual  phone  numbers  so  people  keep  the 
same  number  even  if  they  move  from  room  to  room. The 
value  of  the  phones  lies  in  their  versatility,  Randall  adds. 


Billable  hours  with  VoIP 

For  Manhattan  law  firm  Hahn  &  Hessen  LLRa  VoIP- 
enabled  billing  application  has  more  than  proven  its 
worth,  says  Nicholas  Lucenko.IT  manager  at  the  firm. 

“Our  whole  business  is  based  on  billable  time  with 
clients,  and  a  lot  of  that  time  is  spent  on  the  phone," 
Lucenko  points  out.  In  the  past,  the  firm  maintained  sep¬ 
arate  phone  and  accounting  systems,  with  client  billing 
handled  the  old-fashioned  way  —  in  paper  diaries. 
“Billing  was  kind  of  a  tedious  chore  for  the  attorneys,”  he 
says.  And  at  the  end  of  the  month,  when  attorneys  had  to 
enter  their  diaries  into  the  accounting  system, “utilization 
on  our  systems  went  through  the  roof,”  he  says. 

But  when  Hahn  &  Hessen  moved  its  offices  out  of  the 


IP  video:  The  other  VoIP 

□ow  Chemical  layers  video  into  a  massive  voice- 
over-IP  deployment  project. 

Sometimes  referred  to  as  “the  other  VoIP,"  IP 
video  has  been  used  longer  than  IP  telephony  in 
some  companies,  but  it  has  been  viewed  as  more 
of  a  bell-and-whistle  technology  than  a  core 
everyday  business  tool,  such  as  phones  and  PCs. 

While  rolling  out  IP  telephony  across  its  global 
network,  Dow  Chemical  saw  the  opportunity  to 
layer  video  onto  the  system  and  make  it  a  more 
practical  application  for  users. 

Dow  has  established  iRooms,  or  conference 
rooms  wired  for  IP  videoconferencing,  in  30 
facilities  in  the  U.S.  and  overseas.These  rooms 
are  equipped  with  Cisco  IP  voice  and  videocon¬ 
ferencing  equipment,  including  IP-based  multi¬ 
point  control  units,  and  PCs  for  operating 
Cisco’s  IP  videoconferencing  software.  The 
DowNET  videoconferencing  tools  also  tie  into 
Microsoft  Exchange  scheduling  servers,  which 
notify  users  of  scheduled  videoconferences. 

“Before  DowNET,  it  took  weeks  to  schedule 
and  coordinate  a  [videoconferencing]  meeting 
activity,  and  the  quality  was  not  always  up  to 
Dow's  standards,”  says  Bill  Copple,  DowNET 
program  director  at  Dow  in  Midland,  Mich.  The 
difficulty  was  a  result  of  the  ISDN-based  video- 
conferencing  equipment  and  services  Dow 
useci  !Sn  the  past  from  multiple  providers.  This 
$r§c|uped  mixed-quality  results  and  was  expen¬ 
sive:  “In  many  instances,  employees  preferred 
faee-to-face  meetings,”  he  says. 

'TCow,  scheduling  video  time  is  as  easy  as  set¬ 
ting  up  a  bridge  to  talk  to  employees  in  different 
offices,  Copple  says.  The  fact  that  video  runs 
over  IP,  along  with  voice  and  data,  means  that 
the  service  is  included  in  the  cost  of  regular  net¬ 
work  maintenance.  Video  also  has  helped 
reduce  travel  expenses. 

“Travel  restrictions  brought  on  by  challenging 
economic  conditions  [has]  limited  our  employ¬ 
ees’  ability  to  meet  face-to-face,”  Copple  says. 
“The  iRooms^  address  this,  and  the  results  are 
very  impressive., , 

VideoconfereOcung  has  increased  seven  times 
since  the  sameHime  last  year,  he  adds.  And  over 
the  next  year,  Dow  will  roll  out  desktop  video 
cameras  as  |3a;rt  of  DowNET,  letting  some 
employees,  such  as  engineers  or  researchers,  ini¬ 
tiate  their  own  one-on-one  or  group  video  calls. 

—  Phil  Hochmuth 


Empire  State  Building  to  a  more  low-profile  and  high- 
tech  facility  on  Madison  Avenue  last  year,  the  firm 
ditched  its  old  NEC  PBX  and  voice  mail  system  for 
Cisco’s  CallManager  IP  PBX,  Unity  messaging  servers  and 
phones,  operating  on  a  Fast  and  Gigabit  Ethernet  LAN 
from  the  vendor. 

Now  the  firm  tracks  call  usage  and  bills  daily  through 
CallManager.  ft  can  pull  call  records  to  determine  exactly 
how  long  a  billable  client/attorney  session  lasted  by 
matching  the  attorney’s  network  ID  to  the  phone  number 
called  and  the  amount  of  time  spent  on  the  call.  An  auto¬ 
mated  back-end  application  —  which  IT  integration  firm 
Greenwich  Technology  Partners  helped  develop  and  inte¬ 
grate  —  imports  this  data  into  the  billing  system. 

“This  is  the  type  of  architecture  that  sold  us  on  VoIP," 
Lucenko  says.“lt’s  the  kind  of  system  that  we  can  build 
upon  with  applications  that  streamline  our  operations, 
and  give  cost-recovery  opportunities."  ■ 


iscover  how  NEC’s  BlueFire®  enterprise  switching  and  access  solutions  can  energize  your 
network,  bolster  security  and  enrich  the  connectivity  that  keeps  your  business  moving.  BlueFire 
solutions  provide  outstanding  data  networking  value.  They  integrate  seamlessly  into  your  existing 
network,  delivering  the  security,  interoperability,  survivability  and  business  connectivity  your 
growing  organization  needs.  What’s  more,  you  benefit  from  NEC’s  proven  migration  strategy  by 
upgrading  your  network  technology  all  at  once  or  phasing  it  in— the  choice  is  yours. 


So,  take  advantage  of  NEC’s  worldwide  reputation  for  innovation  in  data  communications, 
telephony  and  converged  networking.  Put  this  unparalleled  experience  to  work  for  you! 

To  locate  an  authorized  NEC  BlueFire  reseller  near  you,  visit  us  online  at  www.cng.nec.com. 

Make  the  Connection  .  . .  Stay  Connected 
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IP  voice 
needn't  be 
more  of  a 
security  risk 
than  data 
applications, 
as  long  as 
you  take  a 
few  simple 
precautions. 


OUT  OF  IP  VOICE 


BY  JOANNE  CUMMINGS 

nee  corporate  users  have  tested  voice  over 
IP  and  proven  that  it  works,  they  face  one 
last  hurdle:  making  sure  it’s  secure. 

But  users  who  have  taken  the  plunge  into  VoIP  say  they’re  not 
worried  about  security.  “If  you  configure  it  properly  and  treat  it  as 
you  would  any  other  mission-critical  server  and  application  on  the 
network,  voice  over  IP  is  as  secure  as  any  other  data,”  says  Doug 
Haluza,  director  of  engineering  and  new  technologies  at  Lexent,  a 
New  York  electrical  services  firm  that  has  run  VoIP  on  its  corporate 
network  since  January  2002. 

Analysts  agree,  saying  that  safeguarding  VoIP  comes  down  to  typi¬ 
cal  procedures  for  ensuring  the  security  of  networked  servers, 
applications  and  voice.  But,  special  care  is  required  when  choosing 
firewalls,  intrusion-detection  systems  (IDS)  and  other  security  tools. 

Firewalls  are  tricky 

Securing  VoIP  data  at  the  firewall  is  tricky.  VoIP  sessions  use  H.323 
or  Session  Initiation  Protocol  (SIP).  Firewalls  in  a  VoIP  deployment 
must  be  able  to  handle  these  fairly  complex  real-time  communica¬ 
tions  protocols.  H.323  and  SIP  have  separate  control  and  media 
transfer  connections,  which  means  they  typically  make  a  connec¬ 
tion  on  one  IP  port  to  set  up  a  call  and  then  pick  a  random,  high- 
numbered  IP  port,  usually  above  Port  1024,  for  the  data  connec¬ 
tion.  You  can’t  simply  configure  a  firewall  with  certain  ports 
opened  and  blocked  because  the  device  can  never  know  which 
port  will  be  used  for  the  connection. 

“You  need  a  firewall  that  understands  those  protocols  well 
enough  to  only  open  data  connections  when  they’ve  been  negoti¬ 
ated  and  authenticated  in  the  control  fields,”  says  Mark  Kraynak, 
strategic  marketing  manager  at  Check  Point,  which  markets  state¬ 
ful  SIP-  and  H.323-compliant  firewalls.  “And  it  needs  to  know  to 
close  them  when  [the  sessions  are]  over.” 

The  firewall  also  has  to  do  all  of  this  stateful  packet  inspection 
without  affecting  the  performance  of  the  voice  stream. 

Based  on  International  Telecommunication  Union  recommenda¬ 
tions,  the  voice  stream  should  be  subject  to  no  more  than  100  milli- 
sec  of  delay  end  to  end.  Because  voice  uses  smaller  packets  than 
data  and  transmits  more  packets  per  second  (about  50  packet/sec 
per  voice  stream,  nearly  twice  the  number  of  packets  in  a  typical 
data  stream),  processing  voice  can  quickly  bog  down  a  firewall. 

"A  lot  of  software  firewalls  can  meet  the  demands  of  data  traffic, 
but  when  you  start  to  initiate  50  packets  per  second  per  call,  that 
really  ups  the  amount  of  packets  they  have  to  inspect  and  some 
can’t  keep  up,”  says  John  Truetken,  senior  architect  for  MCI 


Advantage,  a  converged  IP  service  for  enterprise  users.  He  says 
dedicated  hardware  firewalls  tend  to  perform  better. 

The  same  is  true  of  VPNs,  he  says.  “Some  low-end  VPN  encryptors 
have  a  problem  when  you  get  up  to  20  or  so  voice  streams,”  he 
says.  “The  number  of  packets  per  second  they  have  to  deal  with 
sometimes  can  overwhelm  them.” 

That’s  a  problem  Lexent’s  Haluza  experienced  firsthand.  The 
company  had  implemented  an  IP  Security  (lPSec>based  VPN 
among  various  sites  before  deciding  to  run  VoIP  over  it. 

“Initially,  we  had  built  up  the  network  with  routers  at  the  remote 
sites  and  terminated  the  IPSec  tunnels  on  the  firewall  at  headquar¬ 
ters.  We  quickly  found  out  that  was  a  dead-end  decision  for  VoIP,” 
he  says.  The  Cisco  PIX  firewalls  Lexent  uses  don’t  have  hardware 
accelerators,  only  software  encryption.  “That’s  no  good  for  voice 
because  there’s  too  much  jitter,”  Haluza  says,  noting  that  callers 
experienced  voice  dropouts  whenever  the  processor  on  the  firewall 
became  busy. 

“The  other  thing  we  found  out  is  that  we  couldn’t  place  calls 
from  remote  site  to  remote  site  because  the  firewall  wouldn’t  let 
the  packets  in  and  out  through  the  same  port,”  he  says.  Lexent 
got  around  both  problems  by  terminating  the  IPSec  tunnels  on 
routers  at  both  ends,  because  the  routers  had  hardware  accelera¬ 
tion  and  could  route  between  the  sites.  “That  way,  we  get  the 
encryption  with  high  performance,”  he  says. 


Safeguarding  the  server 

The  VoIP  server  needs  special  attention,  too.  The  operating  sys¬ 
tem  of  most  IP  PBXs  must  be  stripped  of  unnecessary  services  that 
can  lead  to  security  breaches. 

“The  server  should  be  dedicated  to  voice  serving,”  says  James 
Coffman,  director  of  architecture  and  planning  for  Avaya.  Describing 
Avaya’s  MultiVantage  IP  PBX,  which  runs  on  a  stripped-down  version 
of  Linux,  he  says: “There’s  no  Web  browser,  no  mail 
reader,  no  finger  daemon.  We  disable  a 
lot  of  standard  network 
capabilities  that  you  get  on 
a  server  out  of  the  box.” 

Such  operating  system 
hardening  helps  keep  the 
platform  safe  from  virus¬ 
es  and  worms, such  as 
the  recent  Slapper 
and  Nimda  exploits. 

“Some  IP  telephony 
core  servers  were 
just  running  plain  * 
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continued  from  page  S10 

vanilla  Windows  NT  software,  and  they  got  hit  by  Nimda,” 
says  Fred  Weiler,  director  of  security  solutions  marketing  at 
Nortel.“Our  platforms  are  based  on  embedded  NT  that’s 
hardened,  tested  and  stripped  of  unused  services,  and 
none  of  our  IP  telephony  platforms  got  hit.” 

All  of  which  points  a  finger  at  Cisco,  which  had  some 
of  its  NT-based  CallManagerVoIP  servers  taking  Nimda 
hits  (see  www.nwfusion.com,  DocFinder:  6421).  Cisco 
quickly  issued  patches  for  the  systems  and  also  has  pro¬ 
gressively  hardened  its  platform. The  company  plans  to 
offer  non-NT  platform  choices  by  year-end,  although  it 
says  that  if  users  are  diligent  about  following  best  prac¬ 
tices  with  vulnerability  assessments  and  patch  manage¬ 
ment,  the  VoIP  server  will  be  no  more  vulnerable  than 
any  other  on  the  network. 

Many  users  dismiss  IP  PBXs  based  on  Windows,  citing 
security  reasons.“When  we  look  at  major  applications, 
we  take  into  account  whether  their  platforms  attract 
more  viruses  or  hackers,  and  I  think  that  Windows  is  by 
far  the  biggest  target,”  says  Brian  Young,  CIO  at  Hobart 
and  William  Smith  Colleges  in  Geneva,  N.Y,  which  is  run¬ 
ning  VoIP  on  one  internal  test  LAN. “We  need  to  do  more 
for  less,  and  that  means  having  a  system  that’s  stable  and 
doesn’t  take  a  lot  of  added  security  and  features  to  pro¬ 
tect  it  and  run  it.  So  for  now,  we’re  focusing  on  Linux  and 
Unix  platforms  for  voice  over  IP.” 

But  Lexent’s  Haluza  contends  the  Windows  vs.  Linux/ 
Unix  argument  is  basically  religious.“We  pick  the  best 
tool,  no  matter  the  platform,”  he  says. 

Still,  he  takes  precautions,  chiefly  not  exposing  his 


voice  server  to  the  Internet.  It  has  a  private  IP  address, 
and  voice  traffic  travels  only  on  the  secure  LAN  under 
the  VPN,  he  says.  Instead  of  sending  VoIP  traffic  over  the 
Internet,  Lexent  buys  voice  links  from  a  single  carrier  to 
handle  traffic  beyond  the  LAN. 

“From  our  company  out,  we  use  traditional  ISDN 
[Primary  Rate  Interface]  voice  circuits,  but  we  terminate 
the  PRI  circuit  from  the  carrier  on  the  router,  and  then 
it’s  IP  on  our  LAN  side, ’’Haluza  says. 

Some  start-ups  are  beginning  to  address  the  Internet 
security  issue,  primarily  through  firewall  technology  (see 
story  below). 

A  voice-specific  IDS  can  provide  more  VoIP  server  pro¬ 
tection,  yet  users  say  such  devices  aren’t  ready  for 
deployment  yet.“I  won’t  bring  VoIP  into  production  at 
the  school  until  we  have  some  kind  of  voice-specific  IDS 
in  place,  and  we  haven’t  seen  that  many  so  far,”  Hobart 
and  William  Smith’s  Young  says. 

MCI’s  Truetken  explains  that  most  IDSs  are  hamstrung  by 
their  propensity  for  false  alarms,  a  factor  that  might  inhibit 
their  performance,  especially  in  a  voice  environment. 
“You’d  have  to  set  their  thresholds  higher  to  accommo¬ 
date  the  higher  number  of  packets  for  voice,”  he  says. 
“Otherwise, you’ll  just  have  limitless  false  positives.” 

Cisco  says  it  has  solved  this  problem  through  technology 
gained  in  two  recent  acquisitions.  From  Psionic.it  gained 
the  ability  to  automate  alarm  investigation,  and  from 
Okena,  intrusion  prevention  and  detection. 

Eavesdropping  is  overblown 

Another  consideration  is  securing  the  application  so 
that  a  hacker  can’t  eavesdrop  on  a  voice  call  or  hijack 
voice  service.  One  way  to  avoid  eavesdropping  is  to 


encrypt  the  call,  which  current  VPN  technology  easily 
handles.  However,  be  sure  that  the  end  device  has  the 
processing  power  to  support  a  VPN  client.  Many  IP 
phones  don’t  have  that  power,  Avaya’s  Coffman  notes. 

In  such  cases,  a  user  would  implement  a  VPN  client  on 
a  workstation  or  laptop  and  connect  the  phone  to  the 
PC.'That  works,  but  you  need  to  ensure  that  the  laptop 
doesn’t  interfere  with  the  VoIP  call, ’’Truetken  says.“If  it’s 
running  XPyou’re  probably  fine.  But  if  it’s  Windows  98, you 
can  run  into  problems.  For  example,  DSL  has  256K  bits 
per  second  of  bandwidth,  which  is  fine  to  support  a  voice 
call.  But  if  you’re  running  Outlook  at  the  same  time, you 
can  run  out  of  processing  power/ 

Others  question  the  necessity  of  encrypting  VoIP  over 
the  LAN  at  all.The  need  to  encrypt  here  is  not  that  huge,” 
Young  says.“Just  look  at  how  many  people  use  cell 
phones  today  and  they’re  far  easier  to  capture  and  listen 
in  on  than  a  VoIP  voice  stream.  It’s  not  a  priority’ 

Lexent’s  Haluza  agrees. “I’m  more  worried  about  people 
getting  into  back-office  applications  than  VolP/he  says.Ut’s 
a  case  of  overblown  risk.” 

Cummings  is  a  freelance  writer  in  North  Andover,  Mass. 
She  can  be  reached  at  jocurnmings@attbi.com. 


Securing  VoIP  on  the  Internet 

Two  start-ups  take  aim  at  securing  IP  voice  outside  the  corporate  firewall 


Most  corporate  VoIP  users  are  focused  on  running 
voice  over  secure  intranets,  usually  via  a  VPN.  VoIP 
on  the  Internet  is  often  viewed  as  difficult  or  risky. 

"We  didn't  even  try  to  do  IP  voice  outside  our  cor¬ 
porate  network,"  says  Doug  ^  u  s  / 

Haluza,  director  of  engineering  **  0  * 

and  new  technology  at  Lexent,  * 

an  electrical  services  firm  in  i  ® 

New  York.  "There  are  just  too  » 

many  security  hassles  associat- 

ed  with  opening  the  network  up  I 

to  the  Internet,  and  with  long- 

distance  costing  just  5  cents  a 

minute,  there’s  no  ROI  worth  the  hassles." 

True,  VoIP  over  the  Internet  is  riskier,  says  Steven 
Taylor,  president  of  Distributed  Network  Architects, 
but,  he  adds:  "The  bad  news  about  staying  off  the 
Internet,  though,  is  you  don't  have  connectivity  to 
everyone  in  the  world.  It's  definitely  a  trade-off." 

A  couple  of  start-ups,  Ridgeway  Systems  and 
Kagoor  Networks,  are  offering  security  tools 
designed  to  secure  Internet  VoIP  traffic. 

Ridgeway  offers  the  IPFreedom  products  for  letting 
voice  streams  traverse  multiple  firewalls  securely 
with  little  to  no  performance  degradation. 

Firewalls  pose  problems  for  VoIP  packets  crossing 
nonassociated  networks,  such  as  those  between 
business  partners,  unless  partners  use  the  same  fire¬ 
wall,  configured  exactly  the  same.  A  partner’s  firewall 
might  view  a  VoIP  call  as  unsolicited  traffic  and  block 
it.  Or,  if  a  company  is  using  network  address  transla¬ 
tion  (NAT)  —  internal  private  IP  addresses  —  dis¬ 
crepancies  between  packets’  internal  and  header 
addresses  can  occur,  causing  packets  to  be  dropped. 

*  With  IPFreedom,  business  partners  install  client 


software  that  communicates  with  the  Ridgeway  serv 
er.The  server  software  does  the  necessary  address 
translations,  and  because  the  clients  and  servers 
have  an  establishedTCP  session,  their  call  notifica¬ 
tions  can  get  through  the  firewalls 

Mow*  nnlinpf  without  being  blocked.  Once  a  call 
mure  Ullllllc.  js  jn  pr0gresSi  the  equipment  uses 

See  a  network  diagram  of  just  two  firewall  ports  to  shuttle 
how  Lexent  has  implemented  traffic  through,  ensuring  security, 
voice  over  IP.  Ridgeway  says  corporate  VoIP 

DocFinder:  6234  customers  typically  pay  $125  per 
IPFreedom  client,  but  volume  dis¬ 
counts  are  available. 

Kagoor  provides  similar  capabilities  through  its 
VoiceFlow  series  of  products.  Kagoor  is  targeting 
service  provider  networks,  with  the  idea  that  carriers 
could  use  the  Kagoor  software  to  offer  similar  firewall 
traversal  and  NAT  services  to  corporate  customers. 


Joanne  Cummings 


“There  are  just  too  many  security 
hassles  associated  with  opening 
the  network  up  to  the  Internet, 
and  with  long-distance  costing 
just  5  cents  a  minute,  there’s  no 
ROI  worth  the  hassles.” 


—  Doug  Haluza,  director  of  engineering 
and  new  technology,  Lexent 
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EASILY  DELIVER  APPLICATIONS  TO  THE 
SCREENS  OF  IP  TELEPHONES...TODAY 


Across  enterprises,  college  campuses, 
in  hospitals,  retail  establishments, 
manufacturing  plants  and  financial 
institutions,  IT  organizations  are  being 
asked  to  make  information  available 
to  a  growing  list  of  users  without 
being  given  the  budget  for  additional 
computers  or  application  development 
resources. 

As  enterprises  continue  to  deploy 
IP  Telephony  systems,  one  of  their 
biggest  challenges  remains  the  cost,  time 
and  effort  associated  with  delivering 
applications  that  take  full  advantage  of  the 
large  screens,  browsers,  high-speed  connections,  and  speakers  that  are 
available  on  IP  telephones. 

The  most  affordable,  expedient  answer  to  these  issues  is  to  extend  business 
applications  currently  restricted  for  use  on  PCs  and  laptops  by  transforming  them 
into  a  format  suitable  for  interaction  on  the  screens  of  IP  telephones,  regardless  of 
the  manufacturer. 

“We  have  seen  a  real  customer  need  for  applications  delivered  to  the  display 
of  IP  telephones,”  said  Christin  Flynn,  Director,  Communications  Network  Infrastructure 
with  the  Yankee  Group.  “The  Net6  Transformation  Gateway  (TG)  is  the  first  product 
on  the  market  focused  exclusively  on  enabling  organizations  to  easily  transform 
existing  applications  for  interaction  with  any  IP  screen  telephone— whether  from  Avaya, 
Cisco,  Mitel,  NEC,  Nortel  Networks  or  Siemens.” 


HOW  IT  WORKS 

Net6  TG™  acts  as  a  reverse  proxy  between  any  screen-based  IP  telephone  and 
business  applications.  The  Net6  TG  receives  a  request  from  an  IP  telephone  to 
access  a  specific  application,  recognizes  the  type  of  device  accessing  the 
application,  and  determines  the  characteristics  of  the  IP  telephone  that  is  making  the 
request. 

Using  rules  provided  by  the  Nel6  Design  Studio™,  the  Net6  TG  extracts  the 
appropriate  data  from  the  application,  formats  the  data,  in  terms  of  screen  size, 
resolution,  memory,  or  graphics  support  for  the  specific  IP  telephone,  and  sends  the 
data  to  the  IP  telephone. 

The  Net6  Design  Studio  is  the  intuitive  “point-and-click”  development  tool  that 
enables  an  administrator  to  rapidly  customize  applications  for  use  on  any  IP 
screen  telephone. 


APPS  ON  IP  TELEPHONE  SCREENS  IN  3  EASY  STEPS 


In  Net6  Design  Studio 
(a  simple,  point-and-click 
graphical  user  interface), 
simply  open  the  desired  application. 


P  Point  and  click  on  the 
desired  portions  of  the 
application  within  Net6 
Design  Studio  to  define 
transformation  rules  that  customize 
the  application  user  interface  for  the 
specific  device. 


PUse  the  integrated  IP 
telephone  simulator  within 
Net6  Design  Studio  to 
layout  how  the  application  will 
appear  on  the  IP  telephone  display. 
This  gives  you  the  ability  to  view, 
simulate  and  revise  the  information 
easily. 


Once  the  transformation  rules  are 
complete,  they  are  saved  on  the 
Net6  TG  where  they  immediately 
transform  requests  in  real  time  from 
IP  telephones  that  are  accessing  the 
applications.  The  outcome  is  an 
optimized  user  experience  on  any  IP 
telephone,  regardless  of  variations 
in  screen  size,  resolution,  memory  or  graphics  support— now  possible  without  expensive 
and  time-consuming  software  development  or  major  changes  in  the  source  application. 

Net6  TG  is  also  designed  to  deliver  applications  for  use  on  wireless  devices, 
such  as  Pocket  PC  or  Palm  PDAs,  RIM  pagers  or  web-enabled  cellular  telephones.  Once 
transformed  for  IP  telephones,  an  application  can  easily  be  accessed  by  wireless  devices... 
across  all  networks,  including  802.11,  WiFi,  CDMA  1X-RTT  or  GPRS. 

With  the  Net6  TG,  organizations  can  deliver  intelligent  voice  and  data  services  on 
the  screens  and  speakers  of  IP  telephones  and  wireless  devices,  turning  them  into 
muti-function  appliances  that  offer  a  real-world  competitive  advantage. 


Get  a  FREE  copy  of  the  Net6  "IP  Telephone  Apps  Made  Easy" 

by  visiting  www.net6.com/ipt/AME.cfm 


Net  6 


©  Net6,  Inc.  2003.  Net6.  Net6  TG  and  Net6  Design  Studio  are  trademarks  of  Net6.  Inc.  All  other  trademarks  and  copyrights  are  the  property  of  their  respective  owners. 
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■  PRODUCTS,  SERVICES  AND  STRATEGIES 

FOR  TYING  TELEWORKERS  TO  THE  ENTERPRISE 


Law  firm  dumps  BlackBerry  for  Good 

Good  Technology’s  GoodLink  server  provides  real-time  message  synchronization  without  a  cradle. 


■  BY  TONI  KISTNER 

Keesal,  Young  &  Logan  is  a  relatively 
small  law  firm,  with  80  lawyers  in  five 
offices  on  the  West  Coast;  in  Anchorage, 
Alaska;  and  in  Hong  Kong.  But  when  it 
comes  to  technology,  the  firm  is  a  power¬ 
house.  Its  recently  completed  Web  portal 
—  four  years  in  the  making  —  lets  attor¬ 
neys  access  95%  of  their  applications 
remotely,  making  the  firm’s  VPN  and 
remote-access  server  obsolete.  Keesal’s 
mobile  strategy  is  no  less  progressive. 

The  firm’s  director  of  information,  Jason 
Hectus,  ran  the  portal  project,  which  in¬ 
volved  custom-building  an  array  of  Web 
applications  using  Active  Server  Pages, 
XML  and  Simple  Object  Access  Protocol. 
When  it  was  time  to  upgrade  attorneys’ 
workstations  two  years  ago,  Hectus  and  his 
team  wanted  mobile  devices  that  best 
took  advantage  of  the  portal.  They 
launched  a  pilot  with  laptops,  but  quickly 


■  Belkin,  Buffalo  Technology, 
Linksys,  Netgear  and  SMC  an¬ 
nounced  firmware  upgrades  to  the 
recently  finalized  802. 11  g  specification. 
The  firmware  can  be  downloaded 
from  their  sites.  Others  are  expected 
to  follow  suit.  D-Link  and  SMC  both 
say  their  products  are  compliant. 

■  The  U.S.  Office  of  Personnel 
Management  r  ecently  released  a 
new  telework  guide.  “Telework:  A 
Management  Priority:  A  Guide  for 
Telework  Managers,  Supervisors  and 
Telework  Coordinators”  covers  all  the 
bases,  and  provides  additional  re¬ 
sources  such  as  a  telework  assess¬ 
ment  tool,  surveys,  a  FAQ  and  sample 
telework  agreement.  Confirming  the 
government's  commitment  to  tele¬ 
work,  OPM  director  Kay  Cole  James 
said  in  the  guide’s  opening  letter: 
“Telework  allows  the  Federal  govern¬ 
ment  to  remain  responsive  to  the 
nation  at  all  times."  (See  www. 
nwfusion.com,  DocFinder:  6434.) 


realized  they  were  a  poor  fit.  The  upfront 
and  support  costs  were  too  high,  especially 
when  lawyers  would  use  them  only  to 
check  email.  Hectus  had  followed  the 
mobile  marketplace  for  a  long  time,  but 
wasn’t  happy  with  what  was  available.  Al¬ 
though  Research  in  Motion’s  BlackBerry 
provides  the  enterprise  connectivity 
Hectus  wanted,  he  wanted  a  mobile  device 
that  wasn’t  tethered  to  the  desktop, one  that 
provided  continuous  synching  with  Out¬ 
look,  was  comfortable  and  was  natural  to 
use.  As  a  result,  he  hesitated  —  so  long  the 
attorneys  began  buying  Palm  Pilots,  Treos 
and  Pocket  PCs. 

“Finally  we  just  pinched  our  noses  and 
went  with  BlackBernJ’  he  says.  The  firm 
bought  the  BlackBerry  Enterprise  Server 
and  20  devices,  and  used  the  product  for 
six  months. 

As  Hectus  expected,  there  were  problems. 
“Our  road  warriors  who  would  have  their 
BlackBerries  in  one  state,  their  Outlook  in 
another  state,  and  log  onto  Web  Outlook, 
and  it  would  confuse  them,”  he  says. 

BlackBerry  devices  are  linked  closely  to 
the  users’ workstation.They  require  a  cradle 
for  desktop  synching  (although  the  new 
6210  replaces  the  cradle  with  a  USB  cable) 
and  client  software,  all  of  which  translated 
into  additional  support  and  an  occasional 
a  trip  to  Anchorage  for  one  of  Hectus’  net¬ 
work  engineers  to  “adjust  a  cradle.”  Users 
also  complained  of  10-  to  30-minute  mes¬ 
sage  delays. 

“It  really  fell  short  of  our  goals,”  he  says. 

But  six  months  ago,  Hectus  learned  about 
start-up  Good  Technology  from  his  systems 
integrator,  who  was  a  RIM  reseller.  Good’s 
GoodLink  Wireless  Corporate  Messaging 
System  works  with  Microsoft  Exchange  to 
provide  continuous,  real-time  synchroniza¬ 
tion  between  the  user’s  Exchange  mailbox 
and  the  device.  Messages  are  sent  to  the 
user’s  Outlook  client  and  Good  device 
simultaneously:  When  you  open  a  message 
on  the  device  it  appears  as  opened  or  read 
on  the  client, too  —  no  cradle.no  synching. 
There’s  also  the  ability  to  view  and  forward 
attachments,  resolve  calendar  conflicts  in 
real  time,  and  erase  data  remotely  in  case 
of  theft.  Moreover,  multiple  Exchange 
servers  on  a  LAN  require  only  one  Good- 
Link  Server.  The  service  runs  on  the 
Cingular  Mobitex  wireless  network. 

GoodLink  runs  on  Good’s  own  device, 
the  G100,  and  on  BlackBerry  devices  — 
making  it  a  formidable  competitor  to  RIM’s 


■  HOW  IT  WORKS 


GoodLink  Wireless  Corporate  Messaging  Sysem 

Good  Technology’s  proprietary  system  ensures  e-mail 
is  always  synched  in  real  time  between  the  server  and 
the  handheld.  Special  compression  techniques  keep 


O  Hie  GoodLink  Server  ©When  the  server  ©Messages  are  ©The  Operations  Center  routes 
and  Microsoft  receives  new  mes-  transmitted  via  messages  to  the  appropriate 

Exchange  continually  sages,  it  compres-  HTTP  over  SSL  handheld  connected  to  the 

communicate  using  ses  and  Triple-DES  to  the  GoodLink  wireless  network.  GoodLink’s 

the  MAPI  protocol.  encrypts  them  Operations  Positive  Acknowledgement 

GoodLink  monitors  before  sending  Center.  Architecture  ensures  messages 

change  logs  and  them  through  the  are  transported  reliably 

accesses  mailboxes.  firewall.  between  the  GoodLink  Server, 

the  center  and  the  device. 


©  When  the  wireless  handheld 
receives  the  message,  it  uses 
a  key  shared  with  the  server 
to  decrypt  and  decompress 
the  message.  When  a  user 
sends  a  message  from  the 
handheld,  the  process 
happens  in  reverse. 


BlackBerry  Enterprise  Server.  Good 
launched  a  year  ago,  and  in  the  last  six 
months.it  has  doubled  its  customer  base  to 
750.  Forty-five  percent  come  from  the  legal 
industry  which  was  long  a  RIM  stronghold. 

RIM  has  responded  by  launching  several 
patent-infringement  suits  against  Good. 
According  to  reports,  RIM  has  accused  the 
company  of  misappropriating  its  trade 
secrets  and  inducing  RIM  customers  to  re¬ 
place  BlackBerry  software  with  Good  soft¬ 
ware  on  their  handhelds,  in  violation  of 
their  RIM  software  agreements.  Most  re¬ 
cently  in  April,  a  Superior  Court  judge  in 
California  denied  RIM’s  request  for  a  pre¬ 
liminary  injunction  against  Good. 

The  pending  litigation  prompted  Hectus 
to  buy  BlackBerry  devices  over  Good’s 
GlOOs,  as  a  way  to  protect  his  investment 
should  Good  lose  the  suits  and  conse¬ 
quently  fold.  Even  so,  Hectus  quickly  went 
from  20  devices  to  outfitting  all  80  lawyers 
with  BlackBerries  running  GoodLink.  He 
says  Good  gave  his  firm  the  GoodLink 
server  software  for  free. 

Danny  Shrader,  Good’s  CEO,  says  his  com¬ 
pany  makes  it  very  easy  for  corporations  to 
migrate  from  RIM  to  Good.  In  the  coming 
months,  Shrader  says  GoodLink  will  run  on 
next-generation  voice  and  data  Palm  Pilots 
and  Fbcket  PCs,  and  run  on  several  wireless 
networks.  Good  recently  shuttered  its  hard¬ 
ware  business,  and  this  month  partnered 
with  Dell  to  sell  its  Axiom  FbcketPC  devices 
and  servers  running  GoodLink. 

According  to  RIM, “wireless  reconciliation 


has  always  been  on  its  road  map.”The  com¬ 
pany  says  the  new  version  of  BlackBerry 
Enterprise  Server  bidirectionally  “recon¬ 
ciles”  deletions,  messages,  moved  folders, 
automatically  every  10  to  15  minutes,  and 
lets  users  force  a  reconciliation  on  com¬ 
mand.  Although  the  new  version  improves 
wireless  synching  with  Outlook,  Hectus 
says  that  it  wasn’t  what  he  wanted.  He  says 
with  GoodLink,  support  calls  are  nonexis¬ 
tent  —  except  for  the  time  a  lawyer  ran 
over  his  device  with  a  golf  cart. 

Keesal  also  is  taking  advantage  of  Good- 
Info,  Good’s  development  environment,  to 
build  applications  for  tasks  such  as  ex¬ 
pense  reporting  and  time  tracking.  Lawyers 
download  the  applications  from  the  portal, 
or  they  are  sent  directly  to  the  devices  as  e- 
mail  attachments.  Clicking  on  the  attach¬ 
ment  icon  initiates  the  installation. 

“It’s  like  something  out  of  the  future,” 
Hectus  says.“And  because  we’re  so  focused 
on  Web  apps,  it’s  a  natural  progression  to  go 
to  tiny  little  XML  applets  thai  sit  on  a  de¬ 
vice, talk  to  our  Web  services  and  return  the 
info  the  lawyer  is  looking  for" 

GoodLink  makes  his  attorneys  feel  like 
superstars,  Hectus  says. “A  third-year  associ¬ 
ate  was  taking  a  deposition  from  a  much 
larger  firm  when  their  attorney  pulls  out  iris 
BlackBerry  she  her  GoodLink,  and  they 
compare  notes.  He  says, ‘What's  going  to  be 
really  cool  is  some  day  we  can  enter  our 
time  from  the  device.’  She  says,  It  is  really 
cool;  I  can  do  it  noW  When  she  got  back  to 
the  office, she  was  doing  cartwheels.”* 
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■  AN  INSIDE  LOOK  AT  THE 
TECHNOLOGIES  AND  STANDARDS 
SHAPING  YOUR  NETWORK 


802.1 1e  brings  QoS  to  WLANs 


BY  JEFF  THOMAS 


HOW  IT  WORKS 


802.1 1e 


802.11e  is  a  proposed  standard  for  quality  of  service 
in  wireless  networks.  Enhanced  Distribution 
Coordination  Function  has  multiple  traffic  categories 
for  prioritization. 
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O  A  phone,  PDA  and  PC  with  traffic  categories  of  high,  medium  and  low  all  have  data  to  send  on 
the  wireless  network.  After  the  phone  finishes  sending  a  packet,  the  access  point  acknowledges 
its  receipt. 

0  After  the  acknowledgement,  there  is  a  wait  period  called  the  Arbitration  Interfame  Space  (AIFS)  before 
stations  attempt  to  send  data.  This  is  based  on  traffic  category  priority.  For  traffic  categories  with 
higher  priority,  the  wait  period  is  shorter  than  for  those  with  lower  priority. 

0  The  phone  selects  a  random  number  at  the  beginning  of  its  contention  window  and  begins  to  count 
down.  The  other  stations  do  the  same  as  they  wait  to  access  the  wireless  network,  but  suspend  the 
countdown  once  the  phone  begins  to  transmit  a  packet. 


As  users  experience  the  convenience  of 
wireless  connectivity,  they  are  beginning  to 
demand  support  for  the  same  applications 
they  run  over  today’s  wired  networks. 
Because  wireless  bandwidth  availability  is 
restricted,  quality  of  service  is  increasingly 
important  in  802.11  networks. 

Enter  802.1  le,  a  proposed  IEEE  standard 
to  define  QoS  mechanisms  for  wireless 
gear  that  gives  support  to  bandwidth-sensi¬ 
tive  applications  such  as  voice  and  video. 

The  original  802.1 1  media  access  control 
protocol  was  designed  with  two  modes  of 
communication  for  wireless  stations.  The 
first,  Distributed  Coordination  Function 
(DCF),  is  based  on  Carrier  Sense  Multiple 
Access  with  Collision  Avoidance  (CSMA/ 
CA), sometimes  referred  to  as“listen  before 
talk.”  A  station  waits  for  a  quiet  period  on 
the  network  and  begins  to  transmit  data 
and  detect  collisions.  DCF  provides  coordi¬ 
nation,  but  it  doesn’t  support  any  type  of 
priority  access  of  the  wireless  medium. 

An  optional  second  mode.Fbint  Coordin¬ 
ation  Function  (PCF),  supports  time-sensi¬ 
tive  traffic  flows.  Wireless  access  points 
periodically  send  beacon  frames  to  com¬ 
municate  network  identification  and  man¬ 
agement  parameters  specific  to  the  wire¬ 
less  network.  Between  the  sending  of  bea¬ 
con  frames,  PCF  splits  the  time  into  a  con¬ 
tention-free  period  and  a  contention  peri¬ 
od.  With  PCF  enabled,  a  station  can  trans¬ 
mit  data  during  contention-free  polling 
periods.  However,  PCF  hasn’t  been  imple¬ 
mented  widely  because  the  technology’s 
transmission  times  are  unpredictable. 

Because  DCF  and  PCF  do  not  differenti¬ 
ate  between  traffic  types  or  sources,  the 
IEEE  is  proposing  enhancements  in 


802.1  le  to  both  coordination  modes  to 
facilitate  QoS.These  changes  would  let  crit¬ 
ical  service  requirements  be  fulfilled  while 
maintaining  backward-compatibility  with 
current  802. 1 1  standards. 

The  proposed  enhancement  to  DCF  — 
Enhanced  Distribution  Coordination  Func¬ 
tion  (EDCF)  —  introduces  the  concept  of 
traffic  categories.  Each  station  has  eight 
traffic  categories,  or  priority  levels.  Using 
EDCF stations  try  to  send  data  after  detect¬ 


ing  the  medium  is  idle  and  after  waiting  a 
period  of  time  defined  by  the  correspond¬ 
ing  traffic  category  called  the  Arbitration 
Interframe  Space  (AIFS).  A  higher-priority 
traffic  category  will  have  a  shorter  AIFS 
than  a  lower-priority  traffic  category  Thus 
stations  with  lower-priority  traffic  must  wait 
longer  than  those  with  high-priority  traffic 
before  trying  to  access  the  medium. 

To  avoid  collisions  within  a  traffic  cate¬ 
gory,  the  station  counts  down  an  additional 


random  number  of  time  slots,  known  as  a 
contention  window,  before  attempting  to 
transmit  data.  If  another  station  transmits 
before  the  countdown  has  ended,  the  sta¬ 
tion  waits  for  the  next  idle  period,  after 
which  it  continues  the  countdown  where 
it  left  off. 

No  guarantees  of  service  are  provided, 
but  EDCF  establishes  a  probabilistic  prior¬ 
ity  mechanism  to  allocate  bandwidth 
based  on  traffic  categories. 

Another  way  802. 1  le  aims  to  extend  the 
polling  mechanism  of  PCF  is  with  the 
Hybrid  Coordination  Function  (HCF).  A 
hybrid  controller  polls  stations  during  a 
contention-free  period. The  polling  grants 
a  station  a  specific  start  time  and  a  maxi¬ 
mum  transmit  duration. 

EDCF  appears  to  be  gaining  more  early 
acceptance  than  HCF  The  802.1  le  stan¬ 
dard  isn’t  likely  to  be  ratified  until  next 
spring  or  later.  In  the  meantime,  a  group  of 
vendors  have  proposed  Wireless  Multi- 
media  Enhancements  (WME),  much  like 
Wi-Fi  Protected  Access,  to  provide  an  inter¬ 
im  QoS  solution  for  802.1 1  networks. 

Without  a  standard,  the  risk  of  non-inter- 
operable  mechanisms  proliferating  in  the 
marketplace  would  inhibit  the  overall 
goals  of  the  802. 1  le  standard.The  intention 
of  WME  is  to  provide  a  well-defined  and 
accepted  802.11  QoS  mechanism  that  will 
prevent  the  spread  of  non-interoperable 
methods  while  waiting  for  the  ratification 
of  the  802.1  le  standard. 

The  process  of  creating  a  definitive  stan¬ 
dard  can  be  slow, but  the  IEEE  802. 1  le  stan¬ 
dard  will  address  existing  QoS  concerns. 

Thomas  is  a  product  manager  for  wireless 
LANs  at  Alcatel.  He  can  be  reached  at 
Jeff.  Thomas@alcatel.  com. 


Dr.  Internet  By  Steve  Blass 

We  want  to  track  available  bandwidth,  maximum 
rates  and  other  network  statistics,  and  display  the 
results  graphically.  Where  can  I  find  software  to 
determine  available  bandwidth  between  pairs  of 
intranet  and  Internet  network  links? 

The  Cooperative  Association  for  Internet  Data 
Analysis  (CAIDA,  www.caida.org)  provides  links 
to  a  number  of  commercial  and  open  source  soft¬ 
ware  tools  for  monitoring,  measuring  and  visual¬ 


izing  network  performance  information.  If  you 
are  polling  from  a  large  number  of  SNMP 
devices,  take  a  look  at  the  Real  Traffic  Grabber. 
To  measure  performance  statistics  between 
endpoints  from  one  end,  you  could  use  pchar.  If 
you  can  run  probes  with  root  privilege  from  a 
Linux  system  on  one  end,  Sprobe  offers  an  inter¬ 
esting  alternative.  If  you  control  both  endpoints, 
pathrate  and  pathload  can  be  used  to  measure 
the  capacity  and  load  across  Internet  paths. 


Viznet  is  a  stand-alone  Java  application  that  can 
be  used  to  monitor  a  connection  or  to  post 
process  a  log  file.  GTrace  is  a  graphical  version 
of  traceroute.  CAIDA  also  provides  links  to  a 
number  of  visualization  and  mapping  tools  such 
as  GeoPlot,  MapNet  and  Otter. 

Blass  is  a  network  architect  at  Change@Work  in 
Houston.  He  can  be  reached  at  dr. internet 
@changeatwork.  com. 
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Technology  Update 


Net  for  wireless  show  starts  with  KVM  switch 


GEARHEAD 
INSIDE  THE 
NETWORK 
MACHINE 

Mark 

Gibbs 


Boy,  it  has  been  a  busy  year  so  far! 
We’ve  been  running  hither  and 
thither,  and  now  it  is  catch-up  time. 
We  have  been  getting  a  wireless  LAN 
ready  for  our  friend  Jim  Sterne’s  Web 
Metrics  Conference  in  Santa  Barbara, 
Calif,  (by  the  time  you  read  this,  a  red-eye 
will  get  you  there  for  the  first  day  —  we’ll 
buy  you  a  drink  if  you  make  it). 

This  wireless  system  will  serve  as  the 
conference’s  private  infrastructure,  and  it 
gives  us  an  excuse  (as  if  we  really  needed 
one)  to  play  with  all  sorts  of  tools  and 
hardware  we  have  lying  around. 

Our  plan  is  to  base  the  conference  sys¬ 
tem  on  a  server  running  Red  Hat  Linux  9 
and  provide  wireless  service  with  a 
Linksys  dual-band  Wireless  A+G  Broad¬ 
band  Router  so  we  can  offer  access  to 
attendees  using  802.11a,  802.11b  or 
802.1  lg.  And  there’s  more. 

But  before  we  could  get  down  to  build¬ 
ing  the  wireless  network,  our  first  task  was 
to  install  a  keyboard/video/monitor 


(KVM)  switch.  We  needed  (wanted)  this 
device  because  we  ran  out  of  desk  space 
and  setting  up  our  server  for  the  network 
would  have  required  too  much  running 
back  and  forth  to  the  server  room. 

The  KVM  solved  this  by  letting  us  to 
switch  between  all  the  servers  in  the 
server  room  and  our  desktop  systems, 
and  actually  get  desk  space  back!  We 
finally  might  get  down  to  one  or,  at  most, 
two  monitors  on  our  desk. 

Our  KVM  device,  a  Raritan  Computer 
Paragon  Matrix  Switch,  had  been  sitting  in 
the  server  room  for  a  few  weeks  taunting  us 
since  we  reviewed  Raritan’s  IP  Reach 
system  (see  www.nwfusion.com,  Doc- 
Finder:  6499). 

Let  us  give  you  the  bottom  line  upfront: 
The  Paragon  Matrix  Switch  system  is  awe¬ 
some.  It  can  support  both  small  and  large 
installations,  it  is  easy  to  install  and  con¬ 
figure,  it  is  easy  to  use,  and  it  works  flaw¬ 
lessly 

The  basic  architecture  of  the  Paragon 
Matrix  is  as  follows:  A  matrix  switching 
unit  (MSU)  wired  to  one  or  more  user  sta¬ 
tions  that  are, in  turn, connected  to  a  user’s 
keyboard,  mouse  and  monitor. 

Devices  are  connected  to  the  MSU  by 
computer  interface  modules  (CIM).ClMs 
are  small  modules  that  feature  a  standard 


monitor  connector  and  cables  to  con¬ 
nect  to  the  mouse  and  keyboard  ports  on 
the  host  computers  (you  can  get  CIMs 
that  support  PS/2,  Sun,  USB  and  serial 
interfaces). 

Each  MSU  can  accommodate  16  to  64 
computers  with  video  resolutions  up  to 
1,600  by  1,200  pixels,  and  can  switch 
between  two  to  16  users  depending  on 
which  model  you  choose.  The  hardware 
form  factor  is  1U  for  all,  except  for  the  16- 
user,  64-computer  model,  which  is  2U. 

What’s  really  neat  is  that  the  CIMs,  MSUs 
and  user  stations  all  are  connected  using 
category  5e  cabling.  This  allows  for  up  to 
1,000  feet  between  users  and  computers, 
and  Cat5e  cabling  makes  for  a  very  tidy 
installation  compared  with  old-school 
KVMs,  which  required  separate  cables  for 
every  mouse,  keyboard  and  monitor  port, 
creating  instant  spaghetti. 

We  did  as  the  manual  suggested  (unusu¬ 
al  for  us)  and  powered  down  everything 
before  connecting  anything  (we  always 
have  had  an  inexplicable  tendency  to 
indulge  in  “hot  wiring”).  When  everything 
was  plugged  in,  we  switched  on  the  power 
and  voila!  The  Paragon  system  worked,  just 
like  that.  Wow!  We  might  start  following 
manuals  in  the  future. 

Now,  as  we  said,  our  installation  was  sim¬ 


ple:  a  bunch  of  computers  with  CIMs  con¬ 
nected  to  an  MSU  connected,  in  turn,  to  a 
user  station.  But  you  can  get  much  fancier 
than  that:  Paragon  MSUs  can  be  linked  in 
a  tree  with  CIMs  as  leaf  nodes  on  any 
Raritan  KVM,  allowing  for  switched  access 
to  2,048  computers.  And  if  you  are  really 
playing  in  the  big  leagues,  you  can 
increase  that  to  10,000  computers  using 
Raritan’s  Cascade  Matrix  Switches. 

Raritan  also  offers  CIMs  that  can  be 
daisy-chained,  letting  one  MSU  port  sup¬ 
port  up  to  42  computers  for  a  maximum 
of  2,688  computers  on  one  64-port  MSU. 

The  interface  software  to  select  which 
computer  you  connect  to  is  easy  to  use, 
and  the  built-in  management  system  is 
well  designed.  It  lets  user  stations  be 
secured  through  usernames  and  pass¬ 
words.  These  user  accounts  also  can  be 
associated  with  groups  having  various 
levels  of  access  to  specific  computers. 

This  is  definitely  the  best  KVM  product 
we  have  tested.  Outstanding. 

So  we  got  the  Raritan  Paragon  system 
working  and  our  next  task  was  to  get  . . . 
well,  you’ll  just  have  to  wait  for  next  week 
to  find  out. 

Switch  your  thoughts  to  gearhead 
@gibbs.com. 


Cool  Too 

Quick  takes 
on  high-tech  toys 

By  Keith  Shaw 


Handspring  and  Nokia  last  week 
announced  two  new  converged 
devices  (cell  phone  plus  PDA)  to 
help  make  business  users  more  produc¬ 
tive  when  mobile.  Both  devices  are  voice 
centric,  which  means  they  look,  feel  and  act 
more  like  a  cell  phone  than  a  traditional  PDA. 

Handspring  launched  the  next  generation  of 
itsTreo  communicator  converged  device, the Treo 
600.  It’s  smaller  and  looks  more  like  a  mobile  phone 
than  the  previous  Treo  models.  The  Treo  600  still  has  an 
integrated  qwerty  keyboard,  and  Handspring  made  it 
smaller  yet  more  tactile  by  changing  the  shape  of  the  key¬ 
pads.  Handspring  says  the  dome-shaped  keys  have  a  larg¬ 
er  surface  area,  which  will  make  it  easier  for  users  to  type 
out  messages  than  with  previous  models. 

The  Treo  600  is  Handspring’s  first  device  to  use  Palm  OS 
5,  and  features  an  ARM-based  processor.  Handspring 
moved  the  navigation  buttons  from  the  bottom  to  just 
above  the  keyboard. This  makes  it  much  easier  to  operate 
the  Treo  600  with  one  hand.as  the  thumb  goes  more  to  the 
venter  of  the  device.  The  Treo  600  also  includes  an  “error 
avoidance"  software  feature  that  determines  which  key  is 
intended  when  two  keys  are  pushed  at  the  same  time. 

Two  versions  of  the  Treo  600  will  be  available,  a  Code 
Division  Multiple  Access  lx  (CDMA lx)  version  and  a 
GSM/General  Packet  Radio  Service  version.  Sprint 
announced  that  it  would  carry  the  Treo  600  on  its  CDMA 


Converged  devices  have  cell  phone  feel 


lx  network,  and  Orange  (based  in  the  U.K.)  is  one  of  the 
GSM  carriers.  A  GSM/GPRS  carrier  in  the  U.S.  has  not  yet 
been  announced. 

In  addition  to  the  cell  phone  and  PDA  functionality, 
the  Treo  600  includes  an  embedded  VGA  digital 
camera  and  a  proxyless  version  of  the  Blazer  Web 
browser,  which  will  enable  full  Web  browsing 
and  the  ability  to  secure  access  to  corporate 
networks,  Handspring  says.  The  device  will 
include  a  160-by-160-pixel  color  screen  and 
will  have  32M  bytes  of  memory.  In  addition, 
a  Secure  Digital  I/O  slot  will  be  included 
for  expansion  capabilities,  the  company 
says. 

Pricing  has  not  yet  been  determined  and 
likely  will  be  set  by  carriers.  The  Treo  600  is 
expected  to  be  available  by  fall. 

Nokia’s  new  converged  device,  the  Nokia  6600,  is  expect¬ 
ed  to  be  available  in  Europe,  Africa  and  Asia-Pacific  mar¬ 
kets  by  the  fourth  quarter.  The  new  phone  includes  per¬ 
sonal  information  mananger  functionality  and  an  integrat¬ 
ed  VGA  camera  with  a  2X  digital  zoom  lens.  Nokia  says  the 
6600  will  be  able  to  “capture,  send  and  receive  video  clips 
with  audio,”  and  will  be  able  to  receive  streaming  video 
content  in  RealVideo  and  3GPP  streaming  formats.  In  addi¬ 
tion,  the  6600  includes  Secure  Sockets  Layer  support  and  a 
VPN  client.to  let  companies  provide  secure  access  to  their 
internal  networks  via  the  device. 

Applications  developed  on  the  Symbian  7.0  operating 
system  or  Java  can  be  downloaded  to  the  device,  Nokia 
says,  and  the  device  will  contain  6M  bytes  of  storage 
space.  A  32M-byte  MultiMedia  Card  will  be  included  for 
additional  storage. 

Other  features  include  Bluetooth  and  infrared  connectiv¬ 


Treo's  Handspring  (right) 
got  smaller  yet  more 
tactile,  and  the  new  Nokia 
6600  will  be  able  to  cap¬ 
ture,  send  and  receive 
video  clips  with  audio. 


ity  and  integrated  TCP/IP  technology  to  help  speed  over- 
the-air  file  downloads.  For  end  users  still  concerned  about 
the  talk  time  on  the  device,  Nokia  says  the  6600  will  have 
talk  time  up  to  four  hours  and  standby  time  up  to  10  days. 


Shaw  can  be  reached  at  kshaw@ 
nww.com. 
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EDITORIAL 

John  Dix 

SCO  fly,  don't 
bother  me 

I  {The  SCO  Groups  original  $1  billion  law  suit  filed  in 
March  didn’t  get  IBM’s  attention,  the  amended  com¬ 
plaint  filed  last  week  seeking  three  times  the  damages 
and  an  injunction  prohibiting  the  sale  of  AIX  might  have 
done  the  trick. 

SCO  apparently  is  pursuing  the  case  —  in  which  it 
alleges  IBM  took  SCO’s  Unix  code  and  spilled  it  into  Linux 
—  because  it  realizes  it  is  easier  to  generate  a  profit  nailing 
down  intellectual  property  rights  than  selling  software. The 
company  has  created  a  whole  division, SCOsource,  to  do 
nothing  but  chase  Unix  licensing  revenue. 

And  it’s  working.  For  the  quarter  that  ended  April  30, 
SCO  reported  its  first  ever  quarterly  profit  of  $4.5  mil¬ 
lion,  largely  on  the  strength  of  two  SCOsource  licensing 
agreements. 

Does  SCO  have  a  case  with  IBM?  Read  the  SCO  docu¬ 
ment  (www.nwfusion.com,  DocFinder:  6435), and  it  sounds 
fairly  solid.  IBM  isn’t  talking  much,  but  read  the  OS1  Position 
Paper  on  the  SCO-vs.-IBM  Complaint  by  Eric  Raymond, 
president  of  the  Open  Source  Initiative  (DocFinder:  6436), 
and  the  suit  sounds  like  a  house  of  cards. 

While  Raymond  disavows  knowledge  of  IBM’s  contrac¬ 
tual  dealings  with  SCO,  he  knows  the  history  of  Unix  and 
discusses  it  at  length. Two  of  his  important  points:  1)  Unix 
is  actually  a  family  of  operating  systems  “with  common 
design  elements”  (raising  questions  about  whether  SCO 
can  lay  claim  to  all  of  them);  and  2)  any  rights  SCO  has  to 
Unix  “had  been  substantially  impaired”  before  SCO 
acquired  them  by  a  lawsuit  in  the  early  1990s  (raising 
questions  about  this  whole  thing  being  moot). 

The  history  of  Unix  is  so  tangled  that  it  will  be  hard  to 
discern  who  contributed  what  intellectual  property 
when  and  who  has  subsequent  rights.  And  whether  you 
believe  SCO  or  IBM  or  Raymond,  the  chances  are  that 
proprietary  code  has  been  mixed  into  Unix  somewhere 
along  the  line.  Whether  that  code  is  pertinent  to  this 
case  and  causes  it  to  swing  one  way  or  another  remains 
to  be  seen. 

But  the  case  does  serve  as  a  reminder  that,  benefits 
aside,  open  source  products  occasionally  might  be  entan¬ 
gled  in  this  kind  of  mess.  It  is  more  important  than  ever  to 
document  the  origins  of  open  source  code  and  research 
its  roots. 

Sadly,  regardless  of  the  outcome  of  the  SCO  suit,  the 
legal  wTanglmg  will  take  time  to  resolve  and  the  open 
source  community  likely  will  lose  some  momentum,  if 
not  get  something  of  a  permanent  black  eye.  And  that’s 
a  shame. 


—  John  Dix 
Editor  in  chief 
jdix@nww.com 
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Explanation  needed 

In  Johna  Till  Johnson’s  column  “The  extranet 
emerges  .  .  .  right  on  cue”  (www.nwfusion.com, 
DocFinder:  6427), she  states: “What’s  needed  instead 
is  a  more  sophisticated  security  architecture  that 
provides  graduated  access  to  resources  permissions 
that  are  based  on  a  user’s  identity  Many  organiza¬ 
tions  are  beginning  to  put  into  place  a  threetiered 
security  model  that  addresses  such  issues.”  How 
about  a  story  explaining  what  that  is?  Is  it  Novell’s 
best  practice  model  of  IDVault,  plus  LDAFV3  direc¬ 
tory  plus  operating  system  directories  provisioned 
by  Ichain.or  is  she  referring  to  something  else? 

Dennis  Brewer 
IT  solutions  specialist 
State  of  Michigan,  Department  of  Information 
Technology  Office  of  Research  and  Fblicy 

Lansing,  Mich. 

Stopping  spam 

Regarding  the  Face-off  “Are  filters  more  effective 
than  laws  in  stopping  spam?”  (DocFinder:  6428): 
There  is  merit  to  legislation  and  filtering  and  the 
idea  that  both  should  be  pursued  until  spamming 
isn’t  financially  viable.  Legislation  is  the  “blue  sky 
option,”  but  back  to  reality  —  get  Bayesian  filtering 
now. You  won’t  be  disappointed. 

As  one  of  the  oldest  messaging  service  providers 
in  North  America,  my  company  has  seen  the  growth 
of  the  spam  problem  for  our  corporate  customers 
firsthand.  Our  most  recent  spam-filtering  service  has 
implemented  four  different  methods,  including 
Bayesian  filters.  Each  one  compensates  for  the  weak¬ 
nesses  of  the  other  and  the  results  exceed  99%  effec¬ 
tiveness  with  less  than  0.5%  false  positives. 

Spam  is  no  longer  a  problem  for  customers  using 

E-mail  letters  to  jdix@nww.com  or  send  them  to  John  Dix,  editor  in 
chief,  Network  World,  1 18  Turnpike  Road,  Southborough,  MA  01 772. 
Please  include  phone  number  and  address  for  verification. 


our  service.  Our  hats  are  off  to  Paul  Graham’s 
Bayesian  filtering  techniques;  they  really  work.  My 
advice  is  to  get  Bayesian  filtering  in  place  now  and 
then  work  on  lobbying  for  legislative  change. 

Adam  Hyde 
Director  of  product  strategy 
The  Electric  Mail  Company 
Bellingham,  Wash. 

Two  men,  describing  a  large  fish  by  starting  at  oppo¬ 
site  ends,  will  not  produce  the  same  description, 
although  in  the  end  they  describe  the  same  thing. 
Such  is  the  case  with  Paul  Graham  and  Jason  Catlett, 
where  each  starts  at  the  extreme  and  meets  near  the 
center.  To  say  filter  or  law  is  the  way  to  go  to  stop 
spam  is  too  narrow  a  view,  and  compromises  are 
inevitable.  Do  we  stop  theft  by  lock  or  law  alone? 

Both  filters  and  laws  have  their  place  in  mitigating 
spam.  Laws  will  only  ever  be  a  deterrent;  spam  will 
continue  to  plague  us  as  long  as  open  Simple  Mail 
Transfer  Protocol  relays  continue  to  inhabit  the  ’Net. 

Richard  Danielli 
CEO  and  president 
eSubnet  Enterprises 
Toronto 

Technologically  illiterate  legislators  are  proposing 
new  spam  laws.  Companies  that  are  having  a  hard 
time  dealing  with  the  free  flow  of  information  across 
the  Internet  are  putting  these  laws  forth.Technology 
will  not  solve  the  “problem”;  training  and  continued 
use  of  the  Internet  will.  There  is  a  correlation 
between  users  that  complain  of  spam  and  their  level 
of  technical  expertise. 

As  advertisers  realize  that  spamming  is  not  prof¬ 
itable,  it  will  stop,  and  the  legislators  and  companies 
selling  anti-spam  software  will  declare  an  unearned 
victory  If,  however,  it  is  profitable,  it  will  not  stop  and 
will  change  to  more  closely  fit  the  need. 

Alfred  Brock 
Canton,  Mich. 
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STRATEGY  SESSION 

Jeff  Kaplan 

Not  long  ago,  the  battle  for  telecom  su¬ 
premacy  meant  the  incumbent  local 
exchange  carriers  and  interexchange 
carriers  had  to  offer  a  broad  array  of  network 
and  IT  services  to  win  and  protect  cus¬ 
tomers.  A  combination  of  factors  has  forced 
them  to  re-evaluate  this  strategy  and  refocus 
their  energies  on  their  core  competencies  of  transport  services.  This 
retrenchment  eventually  could  lead  to  their  return  as  a  key  element 
in  the  utility  computing  services  market. 

The  carriers  used  their  newfound  freedom  in  1983  to  pursue  a  vari¬ 
ety  of  new  businesses,  including  systems  integration  and  outsourcing. 
They  set  up  divisions  aimed  not  only  at  addressing  customers’  net¬ 
work  integration  and  operations  needs,  but  their  IT  requirements  as 
well.  This  put  them  in  direct  competition  with  Andersen  Consulting 
(now  Accenture),  Computer  Sciences  Corp.,  Electronic  Data  Systems 
and  IBM,  among  others.  These  efforts  failed  because  the  carriers 
barely  understood  data  communications,  nevermind  data  centers. 

The  telephone  companies’  systems  integration  and  outsourcing  fail¬ 
ures  in  the  1980s  and  early  1990s  didn’t  discourage  them  from  pursu¬ 
ing  another  promising  new  business  in  the  late  1990s:  Web  hosting. 
Again,  many  of  the  carriers  not  only  established  business  units  that 
offered  the  communications  necessary  to  ensure  proper  connectivity 
to  hosting  facilities,  but  also  built  their  own  hosting  facilities  to  com¬ 
pete  with  the  leading  players  in  this  market.  This  time,  they  failed 
because  the  demand  for  hosting  services  was  far  less  than  forecast. 

It  appears  some  carriers  finally  have  learned  their  lessons  from 


Telcos  find  their  place 


these  experiences  and  are  returning  to  their  primary  business  of  pro¬ 
viding  bandwidth  and  connectivity  services.  Specifically,  these  com¬ 
panies  are  building  out  their  IP/Multi-protocol  Label  Switching-based 
networks  and  packaging  an  assortment  of  managed  services  that  will 
complement  the  utility  computing  services  offered  by  their  partners. 

BellSouth  and  Qwest  are  offloading  their  hosting  businesses  to  IBM 
and  Hf) respectively  SBC  and  Verizon  also  have  pulled  back  from  pur¬ 
suing  Web  hosting  services  aimed  at  the  complex  needs  of  enterprise 
customers.The  ILECs  have  recognized  that  they  are  more  likely  to  suc¬ 
ceed  in  utility  computing  and  the  broader  e-business  market  by  part¬ 
nering  with  other  companies  that  have  greater  skills  and  resources. 

Not  everyone  has  heeded  these  lessons.  Sprint  is  still  promoting 
and  delivering  an  array  of  application  and  other  managed  services 
to  enterprise  customers.  Unlike  AT&T,  which  is  partnering  with  com¬ 
panies  such  as  Siebel,  and  MCI,  which  is  promoting  its  converged 
network  services,  Sprint  is  playing  the  “prime  contractor”  role  and 
turning  to  partners  on  a  case-by-case  basis.  This  approach  is  des¬ 
tined  to  fail  because  corporations  don’t  believe  carriers  are  quali¬ 
fied  to  solve  their  computing  needs.  Proof  of  this  is  Sprint’s  recent 
decision  to  offload  the  bulk  of  its  Web  hosting  business  to  third- 
party  providers. 

The  ILECs  and  IXCs  that  have  accepted  their  role  in  supporting  their 
enterprise  customers’  network  requirements  should  be  congratulated. 
Companies  should  be  wary  of  carriers  that  don’t  know  their  limitations. 

Kaplan  is  managing  director  of  THINKstrategies,  a  consultancy  in 
Wellesley,  Mass.  He  can  be  reached  at  jkaplan@thinkstrategies.com. 
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CACHE  ADVANCE 

Linda  Musthaler 


'ham,  spam,  no  thank  you,  ma’am! 
Spam  is  out  of  control,  and  it’s  time  to 
get  serious  about  ridding  ourselves  of 
this  menace. 

The  time  and  money  we  spend  dealing  with 
unwanted  junk  email  isstaggering.According 
to  Forrester  Research,  the  average  consumer 
receives  110  junk  emails  per  week  —  more  if  your  email  service 
doesn’t  screen  out  spam.  IDC  estimates  that  a  company  with  14,000  em¬ 
ployees  spends  $245,000  annually  to  fight  spam.  According  to  Ferris  Re 
search,  U.S.  corporations  will  spend  $10  billion  to  combat  the  problem 
this  year,  including  the  cost  of  lost  productivity,  additional  equipment, 
software  and  manpower. 

For  me,  the  problem  is  more  personal  than  just  time  and  money:  I 
have  had  my  email  identity  stolen  and  used  for  spam  purposes.  Some 
idiot  has  usurped  my  business  email  address  and  used  it  as  the  proxy 
name  for  sending  out  his  garbage.  Now  it  appears  as  though  porno¬ 
graphic  spam  is  coming  from  me,  even  though  the  originating  IP 
address  does  not  belong  to  my  company 

This  seems  to  be  the  year  when  we  get  mad  as  hell  about  spam  and 
don’t  want  to  take  it  (or  receive  it)  anymore.  From  government-spon¬ 
sored  conferences,  to  legislation,  to  new  tools  and  technologies,  every¬ 
one  is  anxious  to  address  the  problem  before  it  renders  e-mail  too  cum¬ 
bersome  to  use.  Alas,  there  are  no  quick  fixes. 

Most  of  us  attack  the  problem  with  technology  The  most  effective  tool 
—  and  I  use  the  term  “effective”  lightly  —  seems  to  be  the  spam  filter. 
Maintaining  these  filters  is  time  consuming  and  expensive,  and  spam¬ 
mers  are  constantly  inventing  ways  to  get  around  them. 

1  give  low  marks  to  a  new  technology  approach  called  “challenge- 
response,”  which  requires  that  an  e-mail  sender  confirm  his  authenticity 
before  his  message  is  delivered  to  the  recipient.  The  thought  is  that  a 
spammer  sending  thousands  of  emails  at  a  time  won’t  want  to  confirm 
his  sincerity  to  each  of  his  targets.  Not  everyone  will  use  the  technology, 


Time  to  rein  in  spam 


though.  A  person  has  to  activate  this  option  in  his  email  system  to  chal¬ 
lenge  all  incoming  mail,  and  he  can  develop  his  own  list  of  preautho¬ 
rized  senders  whose  mail  shoots  straight  through.  All  other  email  is 
locked  out  until  the  sender  answers  the  challenge.  EarthLink  has  start¬ 
ed  to  offer  a  challengeresponse  service  to  its  email  customers. 

I  can’t  see  this  technology  gaining  general  acceptance.  It’s  too  darn  in¬ 
convenient  for  legitimate  email  users. I  encountered  my  first  challenge 
last  week  while  replying  to  a  friend’s  note,  and  was  miffed  at  the  incon¬ 
venience,  so  1  never  sent  my  reply  I  wonder  if  my  friend  knows  how 
much  email  she  is  missing  because  of  this. 

Federal  and  state  government  bodies  are  attacking  the  spam  problem 
with  legislation.  Critics  say  this  won’t  stop  the  problem,  as  laws  aren’t 
effective  outside  our  borders,  and  spammers  can  easily  move  their 
operations  offshore.  Still,  we  need  legislation  to  define  what  is  accept¬ 
able  behavior  and  what  isn’t.  While  it  might  not  be  illegal  to  send  out 
millions  of  e-mails  per  day,  we  can  make  it  illegal  to,  say  steal  someone 
else’s  identity  (like  mine)  to  send  out  these  messages. 

The  key  to  making  any  legislation  effective  is  to  get  worldwide  agree¬ 
ment  on  it.  Just  like  nuclear  proliferation,  it’s  no  good  if  one  country  sup¬ 
ports  disarmament  and  others  don’t.  Unfortunately  there  are  too  many 
countries  that  won’t  or  can’t  act  against  spam. 

Meanwhile,  vigilantes  are  taking  action  against  the  spammers.  A  loose 
affiliation  of  spam-fighters  attacks  spammers  with  their  own  treatment: 
they  overwhelm  the  spammer’s  servers  with  mail. One  “soldier"  attacked 
a  spammer’s  operations  by  making  all  the  company's  phones  ring  at 
once,  forcing  the  “marketing  firm”  to  shut  off  its  phones  for  a  while.  1 
smiled  when  I  heard  about  this. 

Spammers  deserve  all  the  technology  legislation  and  payback  we  can 
throw  at  them.  1  say, beef  it  all  up  and  shut  ’em  all  down.We  have  to  make 
it  unprofitable  and  inconvenient  for  them  to  make  a  living  this  way 
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Musthaler  is  vice  president  of  Currid  &  Company,  a  Houston  technol¬ 
ogy  consulting  firm.  She  can  be  reached  at  linda@currid.com. 
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BY  EVAN  ROSEN 


Four  years  ago,  ABM  Industries,  a  $1.8  bil¬ 
lion  building  services  company,  decided 
to  switch  from  a  solid,  dependable,  man¬ 
aged  frame  relay  network  to  DSL  connec¬ 
tions  from  a  variety  of  service  providers. 
The  goal  was  to  lower  the  cost  of  linking 
branch  offices  to  corporate  headquarters. 

“A  lot  of  vendors  and  service  providers  who  are  no 
longer  in  existence  wanted  to  get  rid  of  our  frame  relay 
network. They  said  that  using  a  VPN  with  DSL  would  be 
a  great  way  to  go,”  says  Barry  Wilson,  manager  of  video, 
voice  and  e-learning  for  the  San  Francisco  company 

But  from  the  start,  there  were  latency  and  other  service 
problems.“Before  long,  we  had  angry  branch  managers. 
There  was  almost  a  revolution,”  he  says.The  final  straw 
came  in  late  2001  when  service  from  one  DSL  provider 
disappeared  for  good. “NorthPoint  folded  one  night  and 
left  us  with  20  offices  with  no  service, "Wilson  says. 

The  IT  staff  scrambled  and  provided  dial-up  connec¬ 
tions  to  the  branch  offices  that  used  NorthPoint.  Shortly 
thereafter,  ABM  switched  all  its  branch  offices  back  to  a 
managed  service  from  one  vendor  —  AT&T’s  enhanced 
DSL  sendee,  which  provides  a  Covad  Communications 
DSL  connection  to  AT&T’s  frame  relay  network. 

Like  ABM,  many  companies  burned  by  the  well-publi¬ 
cized  bankruptcies  of  service  providers  and  metropoli¬ 
tan  Ethernet  players  became  leery  about  deploying  new 
broadband  sendees.  But  after  spending  a  year  trying  to 
do  videoconferencing  internally  and  not  being  happy 
with  the  results,  ABM  bit  the  bullet  and  successfully  con¬ 
tracted  with  an  application  service  provider. 

Today,  ABM  uses  Covad  symmetric  DSL  connections  to 
Wire  One’s  Glowpoint  network  for  group  videoconfer¬ 
encing.  Wilson  says  that  most  of  the  time  the  video  and 
audio  quality  is  like  watching  TV,  although  there  is  occa¬ 
sional  audio  delay  when  connecting  multiple  sites. 

And  ABM  isn’t  the  only  company  that  has  overcome 


its  concerns  about  broadband.  Alyeska  Pipeline,  which 
runs  the  Alaska  Pipeline,  plans  to  spend  about  $3  mil¬ 
lion  this  summer  to  upgrade  nearly  1,500  desktops  to 
support  multimedia. The  upgrade  will  include  speakers, 
Windows  XP  the  current  version  of  Microsoft  Media 
Player,  processor  speeds  of  at  least  1 ,4GHz  and  mini¬ 
mum  memory  of  512M  bytes. The  company  also  is 
upgrading  its  20  multimedia  rooms  with  state-of-the-art 
videoconferencing  systems  and  IP/TV,  Cisco’s  streaming 
solution  that  uses  multicast  to  efficiently  distribute 
video  traffic  on  the  network. 

Because  Alyeska  operates  several  remote  pump  sta¬ 
tions  in  an  isolated,  weather-challenged  environment, 
travel  for  meetings,  training  or  even  healthcare  is  diffi- 
cult. Therefore,  the  company  uses  its  private  ATM  net¬ 
work  for  distance  learning,  tele-medicine  and  meetings. 

The  upgrades  will  let  Alyeska  simultaneously  stream 
live  training  sessions  to  the  multimedia  rooms, so 
employees  won’t  spend  so  much  time  in  cars  and  on  air¬ 
planes.  Ultimately  Alyeska  is  looking  to  bring  IP/TV  to 
the  desktop. 

Alyeska’s  available  bandwidth  of  eight  DS-3s  is  far 
greater  than  the  three  DS-3s  currently  used, “but  new 
capabilities  will  absorb  that  bandwidth,”  says  Erv  Barnes, 
CIO  of  Alyeska.“People  can  never  get  enough  of  any 
infrastructure  that  will  let  them  communicate.” 

If  you’re  thinking  about  rolling  out  a  new  broadband 
service,  here’s  an  analysis  of  the  various  options. 

What's  happening  now 

Nearly  all  Fortune  1000  companies  have  deployed 
group  or  conference  room  videoconferencing  over  ISDN 
and  some  now  are  rolling  out  videoconferencing  over  IP 
Many  also  use  streaming  for  executive  speeches,  training 
videos,  watching  videoconferences  without  participating 
and  reviewing  videoconferences  after  they  end. 

Several  are  embracing  Web  conferencing  for  online 
meetings. The  service  lets  multiple  users  view  and  anno¬ 
tate  documents  and  whiteboards  simultaneously  while 
sharing  applications.“Web  conferencing  was  a  bigger 
business  than  videoconferencing  at  the  service  provider 


level  last  year,”  says  Andrew  Davis,  an  analyst  at 
Wainhouse  Research. 

The  primary  options  for  deploying  broadband  applica¬ 
tions  over  IP  are  building  a  converged  network  or  using 
a  service  provider  to  deliver  videoconferencing  over  a 
dedicated  IP  network.  ABN  Amro,  a  multinational  bank¬ 
ing  firm,  uses  Wire  One’s  IP  network  rather  than  its  own 
data  network  for  video  traffic. 

“To  move  video  traffic  onto  the  [converged]  IP  envi¬ 
ronment,  we’d  have  to  have  a  compelling  reason.  We 
would  need  to  have  guaranteed  quality  of  service," says 
Ed  Horan,  telecommunications  manager  for  ABN  Amro. 

“I  would  be  putting  my  traffic,  which  I  have  to  have  100% 
reliability,  onto  a  network  that  I  don’t  have  the  guaran¬ 
tees  for’’ 

On  the  other  hand,  Bristol  Myers  Squibb  (BMS)  is 
using  a  converged  IP  network  as  its  primary  transport 
for  video.  Internally,  BMS  has  “overengineered”  its  net¬ 
work  to  create  excess  capacity. This  lets  the  network 
team  provision  3.5M  bit/sec  for  videoconferencing, 
while  most  room  videoconferencing  systems  oniy  run 
at  384K  bit/sec. 

However,  many  BMS  employees  telecommute,  and  this 
has  created  some  quality  problems  because  home  fire¬ 
walls  strain  network  resources  and  reduce  the  quality  of 
videoconferences.  Also,  DSL  services  are  mostly  asym¬ 
metric,  meaning  the  upstrdiun  bandwidth  is  far  lower 
than  the  downstream. This  is  fine  for  data,  but  it  causes 
problems  for  real-time  video,  says  Mark  Lamon,  director 
of  informatics  at  BMS. 

Dow  Chemical  uses  streaming,  videoconferencing  and 
Web  conferencing  extensively  over  a  converged  mostly 
IP  network.  Employees  throughout  the  world  can  com¬ 
municate  and  collaborate  via  nearly  400  interactive  con¬ 
ference  rooms  called  iRooms.and  Dow  constantly  is 
expanding  the  number  of  rooms  and  capabilities. 

While  IP  videoconferencing  in  conference  rooms  is 
beginning  to  take  hold  in  corporations,  few  large  compa¬ 
nies  are  deploying  personal  systems.  And  despite  strides 
some  companies  are  making  in  deploying  converged  iP 
networks,  videoconferencing  generally  is  still  part  of  the 


telecom  world. 

“Deployment  of  IP  networks  for  IP  videoconferencing 
has  stalled  because  videoconferencing  systems  in  the 
field  today  are  used,  by  and  large,  a  low  number  of 
hours  per  month,’ '  Davis  says.’if  you  have  a  system  you 
are  not  using  much,  it’s  hard  to  justify  an  IP  network. 
ISDN  is  cheap  to  have,  but  it’s  more  expensive  to  use." 

What's  on  the  radar  screen 

With  all  the  video  of  product  rollouts  and  executive 
speeches  sitting  on  dusty  shelves,  many  companies  are 
looking  to  repurpose  video,  audio  and  image  assets. 
Digital  asset  management  products  therefore  are  gaining 
traction.  Many  of  these  products  let  users  search  key 
words  that  return  results  corresponding  to  high-resolu¬ 
tion  digitized  multimedia  assets. 

By  year-end,  Dow  will  offer  the  last  18  months  of 
videos  in  a  searchable  format  on  its  intranet. “We  are 
changing  the  way  we  archive  and  access  video  to 
improve  global  access  to  video  resources  and  create 
cost  savings,” says  Christopher  Duncan,  Dow’s  global 
leader  of  e-communication  technology“One  benefit  we 
hope  to  achieve  is  if  a  communication  person  in 
Horgen,  Switzerland,  needs  an  external  video  of  a  plant . 

. .  rather  than  hiring  a  crew,  they  will  be  able  to  just 
search  out  the  type  of  plant  they  are  looking  for”  For 
now,  Dow  will  maintain  a  physical  library  and  the  digital 
video  can  be  viewed  in  low-resolution  on  the  intranet. 

Against  the  backdrop  of  a  hostile  world,  the  increasing 
use  of  broadband  services  has  put  security  on  the  front 
burner. “You  need  real-time  security  says  Gerry 
kaufhold,an  analyst  at  ln-Stat/MDR. “Maybe  your  compa¬ 
ny  is  in  merger  talks  with  another  company  and  you 
don’t  want  people  listening  in  [to  videoconference 
audio]  .’’To  beef  up  security,  network  planners  increasing¬ 
ly  are  looking  at  putting  authentication  and  authoriza¬ 
tion  capabilities  in  middleware  between  many  broad¬ 
band  applications  and  the  network. 

“You’re  not  going  to  get  the  number  and  variety  of 
applications  until  you  get  a  scalable  security  infrastruc¬ 
ture,”  says  Ken  Klingenstein.who  directs  middleware  ini¬ 
tiative  for  Internet  2,  a  consortium  of  universities,  govern¬ 
ment  agencies  and  corporations  developing  applica¬ 
tions  that  exploit  broad  bandwidth.  Both  corporations 
and  service  providers  might  implement  middleware  fea¬ 


Broadband  road  map 


tures  that  protect  broadband  services.“It’s  real  natural 
for  the  last-mile  provider  to  have  a  set  of  servers  physi¬ 
cally  proximate  to  enterprises  where  these  kinds  of  ser¬ 
vices  could  be  used,”  Klingenstein  says. 

Another  area  of  interest  is  application  integration, 
which  will  let  users  access  video,  audio,  images  and  text 
within  many  applications.'Application  integration  lets 
you  use  information  in  the  context  of  how  you  do  busi¬ 
ness,  but  it  places  tremendous  demands  on  bandwidth,” 
Alyeska’s  Barnes  says. 

Companies  expect  to  increasingly  use  real-time  and 
stored  video  as  add-ons  to  Web  conferences,  presenta¬ 
tion  software,  calendar  software,  spreadsheets  and  other 
applications.“Applications  will  work  the  way  people 
want  to  work  ...  in  an  ad  hoc  fashion,”  Wainhouse 
Research’s  Davis  says. 

The  ability  to  locate  collaborators  and  launch  an  un¬ 
scheduled  video  interaction  with  them  from  any  busi¬ 
ness  application  is  often  called  presence. “Eighteen 
months  from  now,  I  don’t  think  we’ll  be  talking  as  much 
about  audio  and  videoconferencing  and  collaboration. 
We  will  be  focused  more  on  the  presence  question,”  says 
Todd  Needham,  manager  of  research  programs  at 
Microsoft. 

Some  corporate  communication  directors  are  pushing 
network  planners  to  take  streaming  video  to  the  next 
level:  24-hour  streamed  enterprise  news  channels.  As 
large  corporations  upgrade  existing  networks,  periodic 
streamed  events  will  evolve  into  constant  streaming  of 
enterprise  newscasts. 

What's  out  there 

Some  broadband  services  currently  in  test  beds  will 
remain  in  the  research  community  for  the  next  few 
years. 

One  such  service  is  HDTV  over  IP  a  project  of  the 
University  of  Washington  and  Internet2.  HDTV  over  IP 
will  ultimately  affect  enterprise  video  applications.“It’s  in 
the  three-  to  five-year  range  for  the  Fortune  1000,”  says 
Jim  DeRoest,  University  of  Washington’s  assistant  director 
of  computing  and  communications.“Because  of  the  res¬ 
olution  available,  it  opens  up  a  whole  area  of  opportuni¬ 
ty  in  [business-to-business]  efforts  for  architectural  firms 
designing  airplanes  or  manufacturing  or  anybody  who 
is  collaborating  in  the  video  space  where  resolution  is 


important.” 

Studio-quality  HDTV,  which  the  University  of 
Washington  has  streamed  uncompressed  at  270M 
bit/sec,  would  absorb  25%  of  an  OC-48  pipe.  However, 
broadcast  quality  compressed  HDTV  streams  run  at  less 
than  20M  bit/sec  and  are  ultimately  more  practical. 

Other  broadband  services  in  test  beds  include  tele¬ 
immersion  and  access  grid. Tele-immersion  takes 
videoconferencing  and  virtual  reality  several  steps  for¬ 
ward.  The  idea  is  that  people  in  one  location  can  feel 
as  though  they  are  in  the  same  office  or  cubicle  with 
one  or  more  collaborators  in  other  locations.Tele- 
immersion  uses  large  screens,  cameras,  advanced 
scanners  and  sensors  to  create  the  “tele-cubicle"  or  the 
“office  of  the  future.” 

A  tele-cubicle  appears  to  become  one  quadrant  of  a 
shared  virtual  office  space. This  space  virtually  com¬ 
bines  furniture  in  two  or  more  tele-cubicles  to  produce 
one  larger  cubicle  or  office  that  several  collaborators  in 
different  physical  locations  share.  Software  intelligently 
retains  or  discards  furniture  and  other  attributes  of  each 
tele-cubicle. 

Access  Grid,  developed  by  Argonne  National 
Laboratory,  is  more  practical  than  tele-immersion. The 
project  uses  room-oriented  semi-immersive  visualization 
systems  that  require  multiple  projectors  and  cameras  in 
each  location.  Access  Grid  allows  video  and  audio  inter¬ 
actions  and  collaborative  capabilities.  Boeing,  Ford, 
Johnson  &  Johnson,  Microsoft  and  Motorola  have  nodes 
on  the  Access  Grid  network  used  primarily  by  university 
and  government  laboratories  globally.  Access  Grid  uses 
Internet2’s  Abilene  backbone,  currently  being  upgraded 
from  2.5G  to  10G  bit/sec.The  backbone  is  multicast  and 
IPv6-enabled  end  to  end. 

While  it  will  take  years  for  most  large  corporations  to 
use  these  futuristic  applications,  other  companies  are 
dipping  their  toes  back  into  broadband  services.  Says 
Scott  Boyer,  vice  president  atYipes  Communications, 
“We’re  noticing  now  there’s  not  so  much  intense  scruti¬ 
ny  about,  Are  you  going  to  be  around  tomorrow  or 
next  month?’” 

Rosen  speaks  on  broadband  topics.  He  is  chief  strategist 
of  Impact  Video  Communication  in  San  Francisco  and  can 
be  reached  at  erosen@impactvid.com. 
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What’s  now:  Companies  are 
deploying  these  today. 

•  Voice  over  IP. 

•  Group  videoconferencing  over  IP. 

•  Web  conferencing. 

•  Streaming. 
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ENTERPRISE  LINUX  SERVER  DISTRIBUTIONS 

Red  Hat  beats  out  UnitedLinux 

■  BY  TOM  HENDERSON,  NETWORK  WORLD  GLOBAL  TEST  ALLIANCE 

hen  we  pitted  Red  Hat  Enterprise  Linux  against  several  flavors  of 
UnitedLinux  to  see  how  each  fared  as  an  enterprise  server  platform,  we 
found  each  edition  of  the  popular  GNU/Linux  operating  system  to  rep¬ 
resent  a  distinct  method  on  how  to  build  bare  metal  into  a  working 
server.  Installation  is  different,  configuration  options  are  different,  and  hardware  sup¬ 
port  varies  across  these  Linux  flavors. 


We  selected  Red  Hat’s  Enterprise  Linux  as  the  Network 
World  Blue  Ribbon  winner  in  this  test  because  while  the 
systems  were  somewhat  comparable  in  terms  of  perfor¬ 
mance  and  management  wares,  Red  Hat  offers  more 
hardware  support,  is  easier  to  configure  and  offers  more 
security  options. 

Red  Hat  Enterprise  Linux  comes  in  numerous  flavors, 
ranging  from  a  $  1 79  desktop/workstation  edition  called 
Enterprise  Linux  WS  Basic  Edition  to  the  Enterprise 
Linux  AS  Premium  Edition  we  tested. The  premium  edi¬ 
tion,  which  costs  about  $2,500,  is  distinguished  from  its 
siblings  by  clustering  capabilities,  additional  hardware 
support  and  service  options. 

UnitedLinux  is  a  consortium  of  product/service  ven¬ 
dors,  comprising  founding  Linux  operating  system  dis¬ 
tributors  SuSE  Linux,  The  SCO  Group,  Conectiva  and 
TurboLinux,  and  application  vendors  such  as  Oracle, 
which  contributed  Oracle  9i  to  the  mix.This  consortium 
is  an  effort  to  bring  a  standard  code,  feature  and  config¬ 
uration  set  to  Linux  distributions  so  that  applications 
developed  under  UnitedLinux  can  take  advantage  of 
standards  in  each  UnitedLinux  product. 

The  code  base  and  infrastructure  of  UnitedLinux  edi¬ 
tions  has  SuSE  Enterprise  Linux  as  an  ancestor.  A  modi¬ 
fied  SuSEYAST2  front-end  installation  program  serves  as 


Net  Results 


a  common  denominator  among  the  four  UnitedLinux 
versions  and  ensures  that  setup  among  the  distributions 
is  identical.  But  after  installation,  each  UnitedLinux  edi¬ 
tion  branches  out  to  suit  a  target  market. 

Initially  all  four  consortium  members  offered  distribu¬ 
tions  for  this  review.  But  SCO  pulled  its  support  for 
UnitedLinux,  and  pulled  out  of  this  review.  (See  www. 
nwfusion.com,  DocFinders:  6429,6430  and  6431.) 

We  reviewed  the  SuSE  UnitedLinux  version  exten¬ 
sively  but  because  the  Conectiva  and  TurboLinux  ver¬ 
sions  are  focused  on  the  Brazilian/Portuguese  speaking 
and  Southeast  Asian  markets,  respectively  we  did  not  test 
them  extensively 

While  neither  SuSE  UnitedLinux  nor  Red  Hat’s  distrib¬ 
ution  strayed  from  its  Linux  Standards  Base  (a  reference 
platform  that  ensures  that  all  applications  can  run 
across  Linux  distributions),  hardware  support  favored 
Red  Hat,  if  only  for  a  larger  driver  base  and  advanced 
hardware  detection.  But  we  found  that  all  hardware 
items  were  discovered  and  configured  correctly  with 
few  mistakes  made  by  each  distribution  vendor.  All 
UnitedLinux  distributions  behaved  identically 

The  custom-installation  option  on  Red  Hat  offers  a 
variety  of  choices  relating  to  what  software  you  want 
installed,  disk  partitioning,  and  boot  loader  selection. 
Alternatively  an  installation  wizard  can  make  these 
choices  for  you.  The  wizard  worked  well  and  mostly 
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Red  Hat  Enterprise  Linux  Advanced  Server  9 


UnitedLinux/SuSE  Enterprise  Linux  Server  8 


Company:  Red  Hat,  www.redhat.com  Price:  $2,499 
(includes  24-7  support);  cost  can  be  reduced  to  $1,499 
for  abbreviated  support  hours.  Pros:  High  hardware 
compatibility,  strong  security  integration,  feature-rich. 
Cons:  Expensive  high-level  support;  occasionally  weaker 
management. 


Company:  SuSE,  Price:  $749  includes  one-year 
maintenance  contract  ($699  each  additional  year). 
Premium  support  costs  $2, 250/year.  Pros:  Uniform, 
strong  management.  Cons:  Minor  availability  issues; 
tougher  to  secure. 
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The  breakdown 

Red  Hat  Enterprise  4|S 
Linux  Advanced  Server 

UnitedLinux  SuSE 

Installation/integration  25% 
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4 

4 

TOTAL  SCORE 

4.13 

4 

made  astute  choices,  although  it  divided  our  disk  arrays 
into  seemingly  bite-sized  devices  with  seven  partitions. 
By  contrast,  the  UnitedLinux  distributions  divided  the 
two  disks  we  used  into  larger  chunks,  which  is  a  better 
way  to  reserve  server  space  for  future  operations. 

Red  Hat  also  let  us  enter  a  network  address,  but  didn’t 
probe  the  network  for  other  settings,  such  as  a  DNS  ser¬ 
ver  or  gateway  and  incorrectly  guessed  what  those  were. 
It  also  identified  sound  devices  that  didn’t  exist  in  our 
hardware.  Red  Hat  easily  understood  the  number  of  plat¬ 
forms  we  installed  it  on,  including  the  symmetric  multi¬ 
processing  boxes. 

Red  Hat’s  wizard  then  let  us  select  high,  medium  or 
low  security  settings,  gradients  that  were  customizable 
after  installation  but  also  have  a  strong  bearing  on  initial 
functionality  The  security  setting  choice  is  important 
because  the  installation  program  leaves  the  server  in 
remarkably  different  conditions  from  a  communica¬ 
tions  standpoint.  Servers  are  used  for  many  purposes: 
For  example,  the  gradient  of  security  needed  to  tailor  a 
server  for  a  Web  server  as  opposed  to  an  application 
server  can  be  very  different.  Red  Hat’s  security  choices 
let  us  easily  position  the  server  for  gradients  of  service 
that  otherwise  take  a  long  time  to  manually  adjust  set¬ 
tings  in  individual  applications. 

The  default  installation  can  place  as  little  as  61M  bytes 
or  as  much  as  1. 5-plus  G-bytes  if  you  install  all  software 
packages  (full  firewall,  e-mail,  Web  services,  develop¬ 
ment  components  and  the  like).  The  drivers  that  the 
operating  system  chose  initially  weren’t  necessarily  the 
most  recent  or  stable  versions,  but  Red  Hat,  like 
UnitedLinux/SuSE,  doesn’t  do  an  Internet  search  to  find 
up-to-date  drivers  such  as  Windows  server  platforms. 

As  previously  mentioned,  the  UnitedL/SuSE  version 
uses  a  rendition  of  theYAST2  installation  program. This 
UnitedLinux  variation  of  YAST2  differs  from  the  tool 
found  in  other  SuSE  versions  in  that  the  default  number 
of  software  packages  installed  is  much  smaller. The  only 
difference  among  the  three  UnitedLinux  installation 
applications  was  the  ability  for  each  application  to  sub¬ 
sequently  install  version-specific  applications  that 
would  run  on  each  server,  such  as  mail,  firewalls  and 
development  environment. 

Each  UnitedLinux  distribution  has  three  common 
CDs,  with  up  to  three  more  offered  that  include  distribu¬ 
tion-specific  add-ons.  These  add-ons  can  be  important; 
we  found  a  dearth  of  useful  tools  in  the  base 
UnitedLinux  and  welcomed  the  SuSE  CD  that  included 
wares  to  configure  network  resources  and  automate  sys¬ 
tem  setup. 

UnitedLinux  correctly  found  all  the  hardware  devices 
in  our  platforms  but  couldn’t  readily  detect  the  four- 

See  Linux,  page  66 
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Xeon  CPU  configuration  in  our  HP  ProLiant 
DL580  server;  Red  Hat  found  it  without 
assistance.  After  we  changed  a  BIOS  value, 
UnitedLinux  correctly  found  the  multi-CPU 
configuration  and  adjusted  to  it. 

Up  and  running 

We  performed  our  tests  on  an  HP  ProLiant 
DL580  server  with  ext3  filing  system,  a  jour¬ 
naled  file  system  that  has  proven  to  be 
more  resilient  than  the  ‘native’  ext2,  the  tra¬ 
ditional  Linux  default  setting,  and  a  RAID  1 
(mirrored  single  drive)  configuration.  Both 
UnitedLinux  and  Red  Hat  recovered  from  a 
simulated  drive  failure. A  simulated  CPU  fail¬ 
ure  test  proved  more  difficult,  as  Red  Hat 
survived  but  UnitedLinux/SuSE  froze.  After 
our  testing,  SuSE  provided  settings  that  it 
said  should  prevent  this  problem. 

Network  load  balancing  on  the  HP 
ProLiant  DL580  also  was  difficult  for  SuSE, 
which  took  about  10  seconds  longer  than 
Red  Hat  to  recover  from  an  ipchained 
(ipchain  is  a  TCP/IP  protocol  management 
method)  network  card  connection  termi¬ 
nation  test. 

Both  distributions  can  emulate  NetWare 
2.X  servers  and  AppleTalk  Servers.  Built  into 
both  is  support  for  Samba,  which  can  emu¬ 
late  Windows  NT  primary  domain  con¬ 
trollers.  We  found  that  the  UnitedLinux/ 
SuSE-specific  controls  gave  us  more  auto¬ 
mated  control  over  Samba. 

Both  UnitedLinux  and  Red  Hat  support  a 
variety  of  VPN  methods,  including  IP  Se¬ 
curity,  Secure  Sockets  Layer,  SOCKS5  and 
even  Microsoft’s  Point-to-Fbint  Tunneling 
Protocol  VPN  method.  Red  Hat  supports 


several  different  encryption  methodolo¬ 
gies,  ranging  from  RSA  RC3  to  Enfish. 

Both  products  support  network  card  traf¬ 
fic  load  balancing.  In  our  tests,  we  found  lit¬ 
tle  difference  between  the  distributions 
because  they  use  similar  applications  for 
load  balancing. 

We  made  several  tech  support  queries  to 
SuSE  and  Red  Hat  using  a  third  party’s  cre¬ 
dentials.  We  sent  via  e-mail  four  questions 
to  both  providers  that  ranged  from  neo¬ 
phyte  to  advanced,  to  both  providers.  Red 
Hat  replied  with  the  answers  within  an 
average  of  two  hours,  and  SuSE  within 
eight.  All  answers  were  correct,  but  the 
replies  from  the  Red  Hat  staff  added  more 
information  about  the  suggestions  they 
proposed. 

Performance 

To  assess  performance,  we  looked  at  two 
types  of  measurements  that  we’ve  also 
used  in  our  Windows  2003  assessment, 
(DocFinder:6423). 

The  first  suite  of  tests  checks  Web  perfor¬ 
mance  characteristics. 

Both  versions  of  Linux  tested  run  Apache 
as  their  Web  engines,  which  we  in¬ 
stalled  on  an  HP  ProLiant  DL580  platform 
(see  How  we  did  it).  Both  versions  per¬ 
formed  comparably  to  each  other  and 
quite  well  against  Win  2003  that  we  tested 
on  the  exact  hardware  platform  two 
months  ago  (see  performance  chart,  right). 

Red  Hat  topped  its  competitors  in  our 
transaction-per-second  test,  in  which  we 
tested  static  Web  page  transaction  cycles  — 
downloading  20  4K-byte  files  per  connec¬ 
tion  as  a  transaction  cycle  and  our  maxi¬ 
mum  open  TCP  connections  test.The  latter 
test  gauges  how  many  open  TCP  connec- 


■  How  we  did  it 

^ 

We  installed  each  of  the  five  GNU/Linux  distributions  on  four  server  plat¬ 
forms: 

•  An  HP  ProLiant  DL580  (four  1.8GHz  Xeon  CPUs;  Compaq  Smart  Array  5; 
twin  Gigabit  Ethernet  ports;  Ermulex  Fibre  Channel  adapter;  2G-byte  DRAM;  with 
two  Compaq  hard  disks). 

•  An  HP  ProLiant  DL380  (two  733MHz  Pentium  III  CPUs;  Compaq  Smart  Array 
3;  twin  Gigabit  Ethernet  ports;  iG-byte  DRAM). 

•  An  HP  ProLiant  ML330  (1.6GHz  Pentium  4  CPU;  Compaq  SCSI  disk  interface; 
single  Gigabit  Ethernet  port;  IG-byte  DRAM). 

•  A  Gateway  1U  Server  (1GHz  Pentium  4  CPU;  internal  ATA-100  interface;  10/100 
port;  two  drives). 

The  servers  were  connected  via  a  Gigabit  Ethernet  switch. 

We  installed  all  five  total  distributions  on  these  five  platforms,  but  focused  most 
of  our  performance  tests  on  the  HP  ProLiant  DL580  platform.  We  tested  to  see  if 
each  platform's  hardware  was  successfully  detected,  and  whether  options  varied 
from  platform  to  platform.  We  also  checked  to  see  if  various  disk  configuration 
options  were  available  for  RAID. 

We  set  up  the  HP  ProLiant  DL580  for  load-balanced  Gigabit  Ethernet  network 
cards  and  then  used  a  Spirent  Communications/C  AW  Web  Avalanche  to  send 
increasing  amounts  of  traffic  to  the  server  for  our  load-balancing  test.  We  ramped 
up  traffic  over  5  minutes  to  see  if  traffic  balanced,  and  as  both  distributions  use 
die  same  applications  to  balance  traffic,  we  detected  no  real  differences  between 
them.  We  also  used  this  test  setup  to  detect  recovery  from  a  cable  failure. 

We  used  Spirent’s  WebAvalanche  benchmarks  to  conduct  our  Web  performance 
tests.  We  ran  tests  to  determine  the  number  of  transactions  processed  per  sec- 
■a  and  the  maximum  number  of  TCP  connections  per  second,  and  found  them  to 
be  good  for  this  class  of  processor/speed. 


Charting  Linux  performance 

Both  Red  Hat  and  UnitedLinux  representative  SuSE  posted  strong  per¬ 
formance  numbers  against  Windows  2003  in  our  Web  server  stress  tests. 

Successful  transactions  per  second* 


Red  Hat  Linux  Advance  Server  9 

1,204 

UnitedLinux/SuSE  enterprise  Linux  Serve 

1,089 

iWIWMiHiWWWW 

Windows  2003  Enterprise  Edition 

994** 

Maximum  open  TCP  connections 


87,202 


79,065* 


Maximum  TCP  connections/sec 


Red  Hat  Linux 


UnitedLinux/SuSE 


Windows  2003 


1,454 


1,844 


1,827* 


*  Successful  transaction/sec  downloading  20,  4K-byte  files. 
**  As  performed  in  a  previous  test  (See  DocFinder  6423) 


tions  (relationships)  the  Web  server  and 
underlying  network  connectivity  can  sus¬ 
tain.  Red  Hat  beat  Win  2003  and  United 
Linux/SuSE  in  the  latter  by  as  much  10% 
and  20%,  respectively 

UnitedLinux  SuSE  edged  out  Red  Hat 
and  Win  2003  to  gain  the  best  numbers  in 
our  test  of  maximum  TCP  connections/sec 
test,  which  measures  the  capacity  of  the 
server  to  respond  to  TCP  session  requests. 

With  a  goal  of  assessing  each  product  as 
it  ships,  we  used  default  settings  for  both 
versions  of  Linux  and  Win  2003,  and  we  do 
not  implement  experimental  settings 
changes  that  vendors  often  suggest. 

In  our  second  set  of  disk  tests,  perfor¬ 
mance  numbers  between  Red  Hat  and 
UnitedLinux  were  within  a  5%  margin.With 
the  journaled  ext3  filing  system  kicked  in 
for  both  Linux  operating  systems  on  the  HP 
ProLiant  DL580  platform,  both  copied  large 
files  8%  faster  (after  a  5%  margin  of  error) 
than  Win  2003.  For  example,  an  interfolder 
file  copy  using  cp,the  Linux  copy  function, 
of  an  800M  byte  file  took  32  seconds  to 
copy  under  UnitedLinux/SuSE,  whereas 
using  a  CMD  copy  command  under  Win 
2003  took  40  seconds  to  execute. 

Red  Hat  consistently  recovered  from  sim¬ 
ulated  outages  more  quickly  than  United¬ 
Linux/SuSE  but  within  the  margin  of  error. 

We  installed  the  K  Development  Environ¬ 
ment  user  interface  on  Red  Hat  and  were 
impressed  by  the  number  of  tools  Red  Hat 
supported,  including  a  service  configura¬ 
tion  that  let  us  enable  service  daemon 
launch  and  sculpt  command-line  argu¬ 
ments  associated  with  them.  A  Kickstart 
Configuration  tool  sets  up  basics  quickly, 
such  as  server  authentication  methods 
(such  as  Lightweight  Directory  Access 
Protocol,  Samba  and  so  on),  network,  fire¬ 
wall,  boot  options,  installed  software  pack¬ 
ages  and  the  like.YAST2  doesn't  provide  as 
many  configuration  options  in  a  GUI  until 


UnitedLinux-specific  extensions  are  added. 
When  they  are,  UnitedLinux/SuSE  comes 
much  closer  to  Red  Hat’s  options,  but  still 
lacks  both  management  options  and  struc¬ 
ture  for  them. 

Deciding  factor 

As  the  comparable  performance  num¬ 
bers  show,  these  products  are  both  basic 
Linux  at  the  core.  But  in  the  end,  we  were 
decidedly  more  satisfied  overall  with  Red 
Hat’s  hardware  integration  strengths  and 
security  configuration  options. 


Henderson  is  principal  researcher  for 
ExtremeLabs,  of  Indianapolis.  He  can  be 
reached  at  thenderson@extremelabs.com. 


Global  Test  Allianc 


■  Henderson  is  a  member  of  the 
Network  World  Global  Test  Alliance,  a  coop¬ 
erative  of  the  premier  reviewers  in  the  net¬ 
work  industry,  each  bringing  to  bear  years 
of  practical  experience  on  every  review.  For 
more  Test  Alliance  information,  including 
what  it  takes  to  become  a  member,  go  to 
www.nwfusion.com/alliance. 

Other  members:  Mandy  Andress, 
ArcSec;  John  Bass.  Centennial  Networking 
Labs,  North  Carolina  State  University:  Travis 
Berkley,  University  of  Kansas;  Bob  Currier, 
Duke  University:  Jeffrey  Fritz,  University  of 
California,  San  Francisco:  James  Gaskin. 
Gaskin  Computing  Services;  Greg  Goddard, 
University  of  Florida:  Miercom,  Network  con¬ 
sultancy  and  product  test  center;  David 
Newman,  NetworkTest;  Christine  Perey, 

Perey  Research  &  Consulting;  Barry  Nance, 
independent  consultant.  Thomas  Powell, 
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See  old  apps  combine  with  new  apps. 
See  customers  connect  with  partners. 
See  today’s  stuff  click  with  tomorrow’s 


the  leading  integration  software  for  the  on  demand 


WebSphere  Business  Integration  is  far  and  away 
era.  Open  and  flexible,  WebSphere  lets  you  mpdei,  integrate  and  manage  all  of  your  business 
processes.  WebSphere  delivers  an  infrastructure  that  quickly  responds  to  change,  meeting  business 

and  case  studies,  visit  ibm.com/websphere/seeit 


demands,  on  demand.  For  an  Integration  InfoKit 


trademarks  of  International  Business  Machines  Corporation  in  the  United  Stales  and'or  othef 
ireen  Study  Application  Integration  Executive  Summary  2003."  e  2003  WinterGreen  Research, 'Inc.' 


IBM.  WebSphere,  the  e-business  logo  and  e-business  on  demand  are  registered  tradem, 
countries.  Certain  information  contained  within  this  advertisement  is  based  on  results  of  the  \ 
2003  IBM  Corporation  All  rights  reserved. 
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Delivering  ‘plugand-play’  network  monitoring 


BY  BARRY  NANCE,  NETWORK  WORLD  GLOBAL  TEST  ALLIANCE 


OCULAN  250 
NETWORK 
APPLIANCE 


Is  plug-and-play  network  monitoring  a  misnomer  —  or  the  future?  Installing 
traditional  network  monitoring  software  on  a  dedicated  machine  or  a  non¬ 
busy  server  isn’t  too  difficult.  However,  the  idea  of  getting  a  monitoring  tool 
pre-installed  on  a  keyboardless,  rack-mountable  computer  is  intriguing  and 
compelling,  especially  for  small  networks  with  few  spare  computers. 


Oculan  says  its  Oculan  250  appliance  is 
the  right  tool  for  companies  that  want 
comprehensive  network  monitoring  but 
don’t  want  the  hassle  of  buying  a  server, 
configuring  and  installing  the  monitor¬ 
ing  package  along  with,  perhaps,  Web 
server  and  database  server  components. 

We  found  that  the  Oculan  250  offers 
excellent  device  discovery,  a  range  of 
useful  monitoring  features,  timely  notifi¬ 
cations  of  network  events,  helpful 
reports  and  an  intuitive,  responsive  user 
interface.  On  the  other  hand,  we  found 
some  bugs,  such  as  the  software  occa¬ 
sionally  crashing  or  emitting  Web  pages 
with  missing  pushbuttons,  and  we  had 
problems  with  the  documentation  (see 
How  we  did  it  at  www.nwfusion.com, 
DocFinder:6433). 

A  heavy-duty  appliance 

The  Oculan  250  is  a  rack-mountable, 
2U,  Intel-based  computer  running  Red 
Hat  Linux.  An  Apache  Web  server  pro¬ 
vides  the  user  interface’s  HTML,  and  a 


Net  Results 


Oculan  250 
Version  4.0.2.1 


OVERALL  RATING 

4A 


Company:  Oculan,  (800)  247-5080  Cost: 
About  $10,000  for  up  to  25  devices,  25 
servers  and  250  desktops.  Pros: 
Comprehensive  monit¬ 
oring  features;  quick 
device  discovery;  exce¬ 
llent  user  interface. 

Cons:  A  few  bugs;  no 
printed  documentation. 


The  breakdown 


Monitoring  30% 


Discovery  30% 


Usability  20% 
Documentation  10% 


Installation  10%  3 
TOTAL  SCORE  4.0 


IK  Scoring  Key:  5:  Exceptional; 
4:  Very  good;  3:  Average:  2:  Below 
overage;  1:  Consistently  subpar 


Fbstgres  database  stores  network  event 
details  and  asset  inventories.  Most 
Oculan  software  is  written  in  Java  and, 
although  it  runs  within  one  computer, the 
software  has  a  three-tier  architecture. 

The  Oculan  250s  monitoring  features 
are  certainly  comprehensive.The  device 
detects  outages,  records  network  events, 
sends  notifications,  tracks  assets,  pro¬ 
duces  reports,  identifies  vulnerabilities, 
monitors  Windows  server  performance 
factors,  measures  network  performance 
and  watches  for  intrusions. 

One  appliance  can  monitor  a  network 
of  up  to  25  devices,  25  servers  and  250 
desktops,  making  it  appropriate  for  small 
to  midsized  networks.  You  can  install 
multiple  250s  on  a  network,  but  the 
devices  don’t  coordinate  with  others  by 
sharing  event  data  or  asset  lists.  For  larger 
networks,  Oculan  points  to  its  recently 
announced  OpticNerve  product.  The 
Oculan  250  polled  the  services  running 
on  our  servers  and  devices  every  5  min¬ 
utes  (the  default), and  we  could  set  each 
separate  service’s  polling  interval  to  one 
of  five  choices:  1  minute,  3, 5  or  15  min¬ 
utes,  or  1  hour.  But  it  missed  detecting 
momentary  events  where  the  failure  and 
recovery  occurred  within  the  polling 
interval.  The  device  can  only  peripher¬ 
ally  monitor  for  service-level  agreement 
compliance. 

The  appliance  can  poll  about  22  types 
of  network  services,  including 
Citrix,  Domino  Internet 
Inter-ORB  Protocol, 
DNS/Dynamic  Host 
Configuration  Proto¬ 
col,  FTRHTTPSimple 
Mail  Transfer  Pro¬ 
tocol,  POP3,  Internet  Message  Access 
Protocol,  SNMP  and  Lightweight  Direct¬ 
ory  Access  Protocol.  It  also  can  poll  data¬ 
base  servers  running  Informix,  MySQL, 
Oracle,  Fbstgres,  SQL  Server  and  Adaptive 
Server.  The  appliance  separately  moni¬ 
tored  our  Internet  connection  and,  once 
we  enabled  each  server’s  Windows 
Management  Interface,  gathered  asset 
detail  and  performance  statistics  from 
our  Windows-based  servers. 

Statistics  monitored  include  CPU  uti¬ 


lization,  physical  memory,  network 
adapter  and  disk  information,  operating 
system  details,  installed  applications, 
services  running  in  the  background  and 
resource  usage  figures.  Collecting  and 
reporting  this  level  of  asset  and  perfor¬ 
mance  data  is  a  big  help. 

The  appliance  made  quick  work  of  dis¬ 
covering  the  devices  on  each  network 
segment  (IP  address  range)  we  asked  it 
to  monitor.  The  notification  feature 
promptly  sent  us  e-mail  and  pager  alerts 
for  different  types  of  problems,  including 
“authenticate  failure”  and  “interface 
down.”  Furthermore,  we  could  set  up  sep¬ 
arate  targets  for  categories,  such  as  “ad¬ 
min,”  “desktop”  and  “security’ To  our  de¬ 
light,  the  notification  feature  was  more 
sophisticated  than  we  expected. 

Similarly,  report  selection  let  us  choose 
the  kind  of  data,  the  time  interval  to  re¬ 
port  on  and  whether  we  wanted  the  re¬ 
port  in  Adobe  Acrobat  PDFWeb  page  or 
e-mail  format.  However,  some  reports 
were  available  only  in  one  format.  The 
reports  displayed  SNMP  data  and  per¬ 
formance,  availability  and  outage 
details,  security  summaries,  intrusion 
attempts,  vulnerabilities, system  invento¬ 
ries  and  system  performance  data. 

The  intrusion-detection  system  worked 
well,  as  did  the  vulnerability  scan,  which 
recommended  specific  security  patches 
and  configuration  changes  for  the 
servers  we  scanned.  Oculan  says  vulner¬ 
ability  knowledgebase  updates  and  the 
intrusion-detection  library  of  exploits 
and  signatures  are  included  in  the  one- 
year  warranty  Thereafter,  maintenance 
fees  will  keep  the  device’s  knowledge¬ 
base  and  library  up  to  date. 

Use  and  care 

The  appliance’s  Web  interface  is  well 
designed  and  responsive.  Its  top-level 
menu  is  a  set  of  links  to  data  displays  or 
further  menus  on  outages,  events,  notifi¬ 
cations,  assets,  reports,  vulnerabilities,  sys¬ 
tem  lists,  security,  performance  tools 
(such  as  traceroute  and  ping),  appliance 
administration  and  product  help.  To 
avoid  showing  stale  data,  the  interface 
automatically  refreshes  every  minute. 


Specifying  our  network’s  segments  to 
the  device  by  supplying  our  IP  address 
ranges  was  painless.  Because  the 
Oculan  250  tracks  each  IP  address  or 
address  range  separately,  we  easily 
could  delete  or  modify  an  address  or 
range  without  disturbing  the  others.This 
thoughtful  design  is  apparent  through¬ 
out  the  interface’s  various  Web  pages. 

We  encountered  a  few  bugs  when  add¬ 
ing  an  IP  address  range  on  the  Intrusion 
Home  Network  Configuration  page:  The 
tool  told  us  a  “save  settings”  option  would 
next  appear,  it  appeared  but  was  unclick- 
able.  On  occasion,  performing  a  vulnera¬ 
bility  scan  crashed  the  Oculan  software. 
Infrequently,  other  stray  bugs  revealed 
themselves  by  displaying  Java  error 
codes. To  its  credit,  the  tool  gracefully  re¬ 
covered  from  these  bugs. 

We  were  disappointed  in  the  docu¬ 
mentation  provided,  which  consisted  of 
a  pair  of  Adobe  Acrobat  PDF  files  down¬ 
loadable  from  the  device.  Using  the 
product’s  help  button  redirected  the 
browser  window  to  Oculan’s  support 
site,  which  offered  no  help  on  the  250. 

We  ignored  the  single-page  installation 
guide  Oculan  supplied  with  the  unit  be¬ 
cause  it  was  wrong.  A  technical  support 
call  pointed  us  to  PDF  files,  which  accu¬ 
rately  guided  us  through  the  installation 
and  initial  configuration.  For  after-hours 
support,  we  left  voice  mail,  but  callbacks 
occurred  within  an  hour  or  so. 

All  things  considered,  we  liked  the 
Oculan  250.  Many  of  its  features  are 
especially  noteworthy.  The  intrusion- 
detection  component  is  state  of  the  art, 
the  vulnerability  checker  is  quite  thor¬ 
ough,  and  the  Windows  server  asset 
detail  collector  is  encyclopedic.  It’s  a 
worthwhile  monitoring  tool  for  small 
networks,  and  it  indeed  is  plug-and-play. 

Nance,  a  software  developer  and  con¬ 
sultant,  is  the  author  of  Introduction  to 
Networking,  4th  Edition  and  Client/ 
Server  LAN  Programming.  He  can  be 
reached  at  barryn@erols.com.  Nance  is 
also  a  member  of  the  Network  World 
Global  Test  Alliance,  a  cooperative  of  the 
premier  reviewers  in  the  netuxjrk  industry. 
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Driver  me  crazy 

continue  to  have  entropy.  If  you  reject  unau¬ 
thenticated  drivers  or  those  not  the  result 
of  an  operating  system  vendor  certifica¬ 
tion/authentication  program,  you’ll  often 
be  left  high  and  dry 


What  are  your  options?  Complain 
loudly.  Buy  elsewhere.  Or  demand  that 
everyone  work  together  to  get  a  fair  and 
reasonable  methodology  for  fixing  the 
problem.  Lacking  that,  continue  to  buy 


aspirin  in  bulk. 

Henderson  is  principal  researcher  for 
ExtremeLabs,  of  Indianapolis.  He  can  be 
reached  at  thenderson@extremelabs.com. 


Drivers: You  can’t  live  with  them, you 
can’t  live  without  them. They’re  the 
glue  that  holds  hardware  designs 
and  operating  systems  together,  a  glue  that 
can  be  as  strong  as  steel  or  as  weak  as  rub¬ 
ber  cement  on  a  hot  day  In  more  than  20 
years  of  network  computing,  we  haven’t 
straightened  out  the  mess  associated  with 
these  pieces  of  code  that  run  our  comput¬ 
ing  lives.They’re  tough  to  document,  tough 
to  install,  and  the  devil  to  keep  fresh. 

Once  a  great  hope  for  stability  driver  cer¬ 
tification  programs  have  become  just 
another  profit  center  for  operating  system 
makers,  say  hardware  makers,  and  they’re 
partially  right. We  all  suffer  for  lack  of  cross¬ 
industry  standards  for  everything  from  dri¬ 
ver  nomenclature  to  traceability 
For  example,  while  Microsoft,  the  Linux 
Standards  Base  and  others  have  set  engi¬ 
neering  standards  for  revision  control 
numbering,  driver  makers  can  do  as  they 
please, suiting  themselves  rather  than  the 
needs  of  network  engineering  personnel. 

The  hope  was  that  this  wouldn’t  happen. 
Novell  started  one  of  the  first  network 
hardware  certification  programs,  and 
Microsoft  and  others  copied  it.  In  the  land 
of  Linux,  BSD  (and  Darwin),  and  Solaris, 
things  are  only  slightly  less  chaotic. 

What’s  the  root  of  the  problem?  Driver 
certification  is  expensive  for  hardware  ven¬ 
dors  and  it  adds  significantly  to  time  to 
market  cycles.  Take  six  current  versions  of 
Windows,  two  of  MacOS,  three  of  NetWare, 
two  kernels  of  Linux  and  so  on,  and  you 
can  understand  why  hardware  vendors 
reel  at  the  costs  of  supporting  their  prod¬ 
ucts  under  the  aegis  of  various  driver  certi¬ 
fication  programs. 

One  of  the  great  pains  of  deploying  a 
new  operating  system  is  that  these  new 
operating  systems  don’t  always  come  with 
the  latest  and  greatest  drivers  in  the  distrib¬ 
ution  CDs.  Having  fresh  drivers  would  give 
you  a  pleasant  out-of-box  positive  experi¬ 
ence  —  or  at  least  that’s  the  hope. 

Instead,  the  onus  is  on  the  buyer  to  chase 
down  driver  software  for  each  device  in 
each  system.  The  purchaser/installer/ad¬ 
ministrator  then  must  hope  the  driver  is  cor¬ 
rect  for  the  platform,  and  with  some  luck, 
might  have  the  distinction  of  being  certi¬ 
fied  by  the  operating  system  vendor  and 
authenticated  with  a  digital  certificate. 

In  our  recent  lab  tests,  whether  on  Win¬ 
dows,  Linux,  MacOS  or  xBSD  platforms, 
the  biggest  problem  has  come  from  dri¬ 
ver  updates  and  synchronization.  What 
could  have  been  a  miracle  in  stability,  re¬ 
liability,  and  even  cost-effectiveness 
has  been  dashed  against  the  rocks  of 
complacency. 

Lacking  standards  and  protocols  for  de¬ 
vice  drivers  and  downloaded  files,  we’ll 


Complimentary  Event  for  Qualified  Attendees! 


Viruses.  Hackers.  Disgruntled  employees.  Your  corporate  network 
faces  endless  security  threats.  And  as  more  laptops,  PDAs  and 
mobile  devices  access  networks,  your  exposure  only  increases. 

In  a  recent  Computer  Security  Institute  survey  more  than  90% 
of  respondents  reported  a  security  breach  within  the  past  18  months. 
And  80%  of  those  suffered  a  financial  loss.  So  it's  not  enough  for  an 
IT  manager  to  simply  secure  the  perimeter.  Your  strategies  must  reach 
deeper  into  the  network  as  well  as  out  to  the  devices  that  access  your 
system.  Do  you  have  the  answers  you  need  at  every  point. ..port-level 
firewalls,  intrusion  detection  and  prevention,  802. lx  wireless  protection? 
Do  you  know  the  right  questions  to  ask?  And  are  you  getting  real 
solutions  that  help  you  defend  and  win  enterprise-wide? 


Join  us  for  Network  World's  Security  Technology  Tour:  "Protecting  the 
Enterprise  and  its  Assets."  Let  security  expert  Joel  Snyder  and  other  top 
security  companies  show  you  how  to  choose  and  implement  the  most 
effective  and  efficient  tools  for  your  network.  This  one-day  seminar  is 
free  to  qualified  professionals,  but  space  is  limited.  Register  now  to 
be  safely  included! 


Learn  the  Latest  about  Security 


■  Conduct  vulnerability  assessments 

■  Embed  security  in  handhelds, 
laptops  and  other  mobile  devices 

■  Deploy  intrusion  detection  and  tools 

»  Select  the  right  VPN  for  your 
prevention  environment 

■  Ensure  end-to-end  security  for 
broadband  and  wireless  users 

■  Develop  and  testing  on-site  and  off¬ 
site  disaster  recovery/backup  plans 

■  Improve  network  protection  with 
common  tools  such  as  firewalls  and 
virus  scanners 


PRE-REGISTRATION  FOR  THIS  COMPLIMENTARY  EVENT  IS  REQUIRED.  RESERVE  YOUR  SEAT  NOW! 

0nlineatwww.nwfusion.com/events/security2  or  call  1-800-B43-4BB8 

PLATINUM  PRESENTING  SPONSORS:  GOLD  EXHIBITING  SPONSORS: 


Cisco  Systems 
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Protection  by  Proyen  Intent 
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Global 
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Secure  Identity  Moneyenynl 


This  event  is  limited  to  Network  and  IT  professionals  involved  in  the  evaluation  and  purchase  of  Security  products  and  services.  Network  World 
reserves  the  right  to  determine  the  audience  profile  of  attendees  participating  on  a  complimentary  basis.  Paid  registration  is  also  available. 

To  sponsor  this  Network  World  event  or  if  you  are  interested  in  on-site  training  for  your  company, 
contact  Andrea  D'Amato  at  508-490-6520  or  adamato@nww.com. 
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Talking  the  talk 

Tips  for  improving  communication  with  business  management  from  an  IT  consultant. 


■  BY  BARTON  MCKINLEY 

Over  the  years,  I’ve  become  a  frequent  traveler  in  the  noman  s-land 
between  IT  and  business  groups.  In  most  cases,  both  sides  cannot 
talk  to  each  other. 


This  isn’t  much  of  a  revelation;  it’s  just  the 
way  things  are.  Most  business  people  talk  in 
terms  that  relate  to  their  core  interests,  dis¬ 
cussing  issues  of  time,  money  process  and 
turf.  Of  course,  techies  have  their  own  inter¬ 
ests  and  priorities,  and  they  talk  another 
language  altogether. 

For  IT  management,  this  presents  a  prob¬ 
lem  you  must  learn  to  overcome.  It’s  imper¬ 
ative  that  you  can  speak  with  your  business 
counterparts  and  superiors  who  are  not 
going  to  learn  to  “talk  tech.” 

Fortunately  this  isn’t  as  hard  as  it  seems. 
By  applying  three  simple  rules,  IT  managers 
can  greatly  improve  communications  with 
their  business  contacts.  I’ll  draw  on  some 
specific  IT  projects  to  help  explain.  The 
names  of  the  people  involved  have  been 
removed  to  protect  the  reticent. 

Simplify 

About  three  years  ago,  I  was  consulting  on 
the  selection  and  implementation  of  a 
desktop  management  system  for  3,000  PCs. 
This  was  a  multimillion-dollar  project. 

The  IT  group  wanted  something  with  a  lot 
of  bells  and  whistles  but  couldn’t  agree  on 
the  details.They  argued  among  themselves. 
Topics  ranged  from  which  products  should 
be  evaluated  to  what  types  of  reporting 
would  be  needed  to  whether  servers  and 
mainframes  also  should  be  managed.There 
was  no  dear  agenda,  scope  or  focus. 

They  were  also  upset  with  business  man¬ 
agement  whom  they  said  were  “stupid”  and 
“weren’t  listening.” 

Meanwhile,  business  management  said 
the  IT  people  were ‘too  impatient, "“too  free 
with  money”  and  didn’t  “understand  the 
issues.”  They  wanted  to  know  why  the  pro¬ 
ject  was  worthy  of  discussion  and  what 
benefits  it  would  provide. 

In  truth,  the  technical  people  had  done  a 
p<.K>r  job  of  explaining  the  project,  such  as 
the  purpose  and  requirements. 

Management  was  thinking  of  canning 
the  project. 

To  get  things  rolling  again,  I  organized  sev¬ 


eral  sessions  in  which  the  technical  staff 
and  I  distilled  the  many  issues,  standards 
and  technical  details  down  to  a  clear  set  of 
requirements  and  actions.  Next,  we  worked 
out  anticipated  costs  and  a  realistic  sched- 


Tips  and  tricks 

Here  are  some  methods  to  help 
break  down  communication 
barriers  between  IT  and  business 
departments. 

Simplifying 

Use  diagrams,  charts  and 
examples. 

Stick  to  the  basics  when  explaining 

IT,  but  be  ready  for  questions. 

Keep  documents  and  discussions 
short  and  focused  on  specific 
tasks,  goals,  requirements  and 
benefits. 

Listening 

<£ 

Always  take  notes. 

• 

Supplement  meetings  with 
questionnaires. 

♦ 

Work  through  issues  in  a  guided 
workshop  if  necessary. 

. 

Appoint  a  dedicated  business 
liaison. 

Quantifying 

Detail  project  timeframes  and 
resource  requirements. 

Show  dollar  costs  over  time, 
including  total  cost  of  ownership 
and  ROI. 

Present  metrics,  histories  and 
trends  for  network,  application  or 
system  performance. 


ule  for  the  project. 

Finally  we  identified  the  principal  benefits 
and  risks  of  the  project,  linking  any  techni¬ 
cal  gain  to  a  tangible  business  benefit.  For 
example,  implementing  a  new  desktop 
management  services  suite  and  remote 
diagnostics  were  linked  to  leveraging  of 
prior  investment  and  a  reduction  in  annual 
help  desk  costs. 

When  we  presented  the  plan,  details  were 
supplemented  with  figures  and  diagrams. 
Business  received  a  full  explanation  of  pro¬ 
ject  goals,  scope  and  cost.  And  while  there 
were  some  more  questions,  the  project  got 
the  nod  and  work  started. 

In  essence,  we  focused  our  message,  re 
moving  extraneous  technical  details. 
Simplify  all  aspects  of  communication  with 
your  business  counterparts. 

Listen 

On  a  more  recent  project,  the  client  was 
rolling  out  a  Web-based  application  for 
more  than  4,000  users.  Management  want¬ 
ed  IT  to  develop  a  robust  network  and 
security  architecture  in  order  to  replace  a 
mix  of  dial-up,  ISDN  and  LAN  services. 

The  client  had  tried  for  months  to  explain 
its  goals  and  requirements  to  IT. 
Unfortunately  its  explanations  were  vague 
and  didn’t  provide  the  type  of  information 
that  IT  management  needed  for  planning. 

For  example,  the  client  wanted  the  archi¬ 
tecture  to  support  aggressive  user  response 
times  but  didn’t  know  how  much  traffic  the 
application  would  generate.  On  the  flip 
side,  IT  hadn’t  asked  important  questions. 

Both  groups  were  frustrated.  Business 
management  suggested  that  IT  was  being 
dismissive  and  wasn’t  listening.  Coinci¬ 
dentally  IT  management  wondered  if  their 
business  peers  knew  what  they  wanted. 

So  on  behalf  of  IT  management  1  met  with 
business  management  and  asked  questions 
about  the  project  —  who,  what,  where, 
when,  why.  We  also  discussed  their  ideas 
and  concerns  for  the  future  of  the  project 
and  how  they  felt  that  IT  could  help.  When  I 
reported  to  IT  management,  the  group  sent 
me  back  with  questions  of  its  own. 

This  went  on  for  about  three  weeks.  In  the 
process,  IT  executives  began  to  listen  to 
what  their  counterparts  had  to  say  (and 
vice  versa).  The  needed  information  was 
collected, requirements  were  defined, and  I 


completed  the  architecture. 

To  get  the  information  you  need  from 
business  management,  ask  cogent  ques¬ 
tions  and  really  listen  to  the  answers. 

Quantify 

For  another  project,  I  worked  on  an  IT 
audit  and  upgrade  plan  for  a  national 
agency  with  a  central  office. 

Before  the  plan  was  finished,  an  internal 
group  decided  to  make  greater  use  of  their 
Graphical  Information  System,  which 
meant  an  increase  in  GIS  traffic  on  the  cor¬ 
porate  Ethernet. 

The  GIS  group  was  a  minority  among  the 
hundreds  of  users  on  this  network.  Just  the 
same,  they  wanted  the  network  upgraded 
from  10M  to  1G  bit/sec  so  they  would  have 
improved  turnaround  on  their  GIS  queries. 

Naturally,  this  idea  did  not  sit  well  with  IT 
management,  who  felt  that  the  requested 
upgrade  would  disrupt  operations, at  great 
cost,  with  little  justification. 

Things  heated  up  when  the  GIS  group  got 
business  management  to  endorse  its  plan 
as  a  strategic  imperative.  IT  management’s 
concerns  were  insufficient  to  dissuade 
their  counterparts. 

So  IT  management  monitored  the  GIS 
traffic  and  used  the  collected  data  to  cal¬ 
culate  realistic  bandwidth  requirements 
and  formulate  a  new  upgrade  plan.  They 
compared  the  new  plan  with  a  full  up¬ 
grade,  on  the  basis  of  cost  and  effort. 

Armed  with  real  measures,  calculations 
and  costs,  IT  management  convinced  busi¬ 
ness  management  that  a  full  upgrade  was 
unnecessary.  As  a  result,  the  GIS  group  was 
content  in  getting  a  100M  bit/sec  virtual 
LAN,  and  business  went  back  to  normal. 

To  help  make  your  case  with  business 
management,  quantify  the  details  and 
focus  on  the  facts. 

Naturally,  there’s  always  more  to  the  inter¬ 
action  between  IT  and  business  manage¬ 
ment  that  hasn’t  been  mentioned  here.  But 
if  you  remember  to  simplify  listen  and 
quantify  you’ll  find  that  no-man ’s-land  isn’t 
as  tough  to  cross  as  it  used  to  be. 

McKinley,  president  of  Summit  Commun¬ 
ications,  is  a  seminar  leader  and  IT  consul¬ 
tant  specializing  in  network,  security  and  IT 
business  alignment  strategies.  He  can  be 
reached  at  strategist@summit<om. 
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Consolidate  control  of  your  server 
room  with  powerful  AMX  switching 

Advantage:  Avoc  ent 
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EASIER  TO  USE 

•  Auto-configuration  simplifies  set-up.  The  system  automatically 
addresses  the  ports,  appliances  and  computers  for  you 

•  Intelligent  AMIQ  interface  modules  remember  your  configuration, 
so  it's  easy  to  install,  maintain  or  move  your  servers 

•  Graphical  AMWorks  administration  software  and  mouse-driven 
on  screen  menus  are  simple  to  navigate  and  control 

MORE  ADVANCED  FEATURES 

•Scalable  architecture  grows  with  your  server  room 

•Supports  multi-rack  PS/2,  Sun  and  USB  server  environments 

•  Full  non-blocked  access  to  servers  and  serial  devices 

•  End-to-end  CAT  5  connections 

•  Save  rack  space  -  1  U  switch  supports  up  to  8  users  and  32 
servers;  2U  switch  supports  up  to  16  users  and  64  servers 

•  Multi-level  security  and  password  protection  for  each  user 

•  Multiple  users  can  share  access  to  the  same  server 

•  Share,  private,  scan  mode  available  to  all  users 
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Smarter,  Simpler  KVM  Switching 


•  AMIQ  computer  interface  module  retains  the  unique  ID  and  server  name, 
so  reconfiguration  and  expansion  is  as  simple  as  switching  the  cable 

•  Exclusive  AutoTuning™  optimizes  video  performance  over  UTP  cable,  at 
any  distance 

•  Build  customized  user  profiles  and  centralize  control  of  connected  servers 
with  AMWorks  -  Java-based  system  software  included  with  each  switch 

•  All  system  components  can  be  flash  upgraded  simultaneously  with  just  a 
few  clicks  of  the  mouse 
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Call  for  an  Avocent  Authorized  Reseller  near  you 

1*866*286*2368 


Make  the  smart  switch.  Download  our  Definitive  KVM 

Buyer’s  Guide  at  www.avocent.com/advantage 

or  call  T866-286-2368. 

Avocen-.  the  Avocent  logo,  Auto  View,  AutoTuning,  AVWorks.  KVM  OVER  IP  and  The  flower  of  Being  There  are  trademarks  of  Avocent 

Corporation.  Copynght  C  2003  Avocent  Corporation. 
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Rose  Electronics 
10707  Stancliff  Road 
Houston,  TX  77099 


IPs 


Ultra  Link" 


Connects  to  standalone  computers  or  any  KVM  switch 
High  quality  16-bit  video  at  up  to  1280x1024  resolution 

Easy  to  install,  give  it  an  IP  address  and  run  the  Viewer 
program,  no  user  license  required 

Encrypted  communication  produces  highly  secure  operation 
Scaling  and  scrolling  features  for  maximum  flexibility 
Single  mouse  cursor  simplifies  user  interface 
See  four  servers  from  one  screen  with  quad  screen  mode 
Lifetime  free  flash  upgrades 


UltraLink  sets  a  new  standard  in  remote  management  of  server  room 
environments.  It  saves  you  money  by  allowing  you  to  centralize  your  IT 
resources.  Since  it  does  not  depend  upon  software  loaded  on  your 
computers,  it  deploys  easily  and  works  on  any  operating  system,  such 
as  Windows,  Linux,  Solaris,  Unix,  or  OSX. 

The  UltraLink  digitizes  the  remote  computer's  video.  It  then  scales, 
compresses,  encrypts,  and  packetizes  it  into  the  TCP/IP  protocol.  At 
your  PC  the  free  Viewer  application  receives  and  displays  the  video  and 
sends  back  keyboard  and  mouse  data.  This  process  allow  you  to  access 
remote  computers  from  anywhere. 

Rose  is  a  leading  manufacturer  of  switching,  extension,  and  access 
products.  As  a  KVM  industry  pioneer,  Rose  is  known  for  its  technically 
superior  and  price  competitive  products. 

Join  the  ranks  of  many  successful  companies  using  UltraLink,  call  Rose 
to  learn  more  about  KVM  Access  over  IP  as  well  as  KVM  Switches  and 
Extenders. 


WWW.ROSE.COM 


USA  toll  free  800  333  9343 
ROSE  US  281  933  7673 
ROSE  Europe  +44  (0)  1264  850574 
ROSE  Asia  +617  3427  5353 
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There  Is  A  Better  Way  To  Troubleshoot  &  Manage  Your  Network 


irver 

Vn 


Expert 

Observer 

*2895 


Observer 
Suite 
* 3995 


Observer® — Quickly  identifies  network 
trouble  spots  and  costs  thousands  less  than 
expensive  hardware-based  analyzers. 
Observer  provides  metrics,  capture,  and 
trending  for  both  shared  and  switched 
environments. 

•  Full  packet  capture  and  decode  for  over 
500  protocols,  including  TCP/IP  (v4  &  v6), 
NetBIOS/NetBEUI,  XolP,  SNA,  SQL,  IPX/SPX, 
Appletalk  and  many,  many  more! 

•  Switched  mode  sees  all  ports  on  a  switch 
gathering  statistics  from  an  entire  switch  or 
capture/statistics  from  any  port(s) 

•  Long-term  network  trending  collects 
statistical  data  for  days,  weeks,  months, 
even  years 

•  Real-time  statistics  include  Top  Talkers, 
Bandwidth,  Protocol  Statistics,  and 
Efficiency  History 

•  Ethernet  (10/100/Gigabit),  Token  Ring, 
FDDI,  and  Wireless  802. 1 1 — no  need  to 
purchase  separate  tools 


•  Windows®  98/Me/NT/2000/XP  compatible 

•  Over  4,000  frame  types  recognized 

Expert  Observer — Identifies  problems  and 
provides  Expert  information  in  plain  English. 

Includes  all  of  the  features  of  Observer  plus 
real-time  and  post-capture  expert  event 
identification  and  analysis — new  SQL  and 
Frame  Relay  experts  add  to  the  many  other 
protocols  covered,  time  synchronization 
technology,  and  modeling  of  network  traffic. 

Observer  Suite — The  ultimate  tool  for 
the  most  demanding  power  user. 

Provides  a  full  complement  of  tools  that 
includes  all  of  the  features  of  Expert 
Observer  plus  SNMP  management,  RMON 
console/Probe  and  Web  reporting.  Includes 
one  remote  Probe. 

If  you  have  any  network  problems,  find 
out  the  cause  with  Observer,  Expert 
Observer,  or  Observer  Suite. 


Call  800-526-7919  or  visit  us  online  for  a  full-featured  evaluation: 

www.NETWORKINSTRUMENTS.com 

US  (952)  932-9899  •  Fax  (952)  932-9545  •  UK  &  Europe  *44  (0)  1959  569880  •  Fax  +44  (0)  1959  569881 
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©2002  Network  Instruments,  LLC  Observer.  “Network  Instruments'’  and  the  "N  with  a  dot”  logo  are  registered  trademarks  of  Network  Instruments,  LLC. 
All  other  trademarks  are  property  of  their  respective  owners. 


Command  Your  Network 
With  Cyclades 


Console  Management 


Power  Mana 


Selecting  the  right  components  for  your 
network  is  often  a  challenging  decision. 


With  our  AlterPath  PM8,  you  can  remotely  Opfiff 

re-boot  your  system  with  just  a  few  mouse  clicks.  w|j| 

By  integrating  the  AlterPath  PM8  with  our  Jk'" 

award-winning  AlterPath  ACS,  you  combine  f*C.: 

power  and  console  management.  Now  you  can  Iggr 

command  all  your  infostructure  with  secure  authentication 
and  bulletproof  encryption  as  demanded  by  todays' 
mission-critical  applications  all  in  one  single  session  -  anytime,  anywhere. 
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AlterPath 


ACS 


Security 


AlterPath  PM8 


Integrated  Power 
and  Console 


Power 


Daisy  Chain 


Console  and  power  control  from  one  session, 
no  need  to  memorize  ports  and  addresses 

SSH  v2,  strong  authentication,  encryption  and 
IP  filtering  on  both  power  and  console  access 

Daisy  chain  power  distribution  units  to  control 
any  number  of  devices  from  a  single  serial  port 


Control 


Best  Hardware  for 
Unux  since  1995' 


www.cyclades.com/nw 

1 .888. cyclades 
sales@cyclades.com 


eye  lade 
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NetworkWorld 

~~  THE  HUB  OF  THE  NETWORK  BUY 


western  telematic  incorporated 
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"Keeping  the  Net.. .Working!" 


Yes,  you  can  switc 
ewer  over  the  Internet... 
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INTERNET  POWER 


■  Web  Browser  Access  for  Easy  Operation 

■  Telnet  and  Serial  Access 

■  Encrypted  Password  Security 

■  Expandable  to  Five  (5)  Individual  Outlets 

■  Each  Outlet  can  Switch  a  15  Amp  Load 

■  On  /  Off  /  Reboot  Switching 


www.wti.com  i8oo)  854-7220 


Servers,  routers,  and  other  electronic 
equipment  sometimes  “lock-up,” 
often  requiring  a  service  call  to  a 
remote  site  just  to  flip  the  power 
switch  to  perform  a  simple  reboot... 

The  IPS-15  gives  you  the  ability  to 
perform  this  function  from  anywhere! 


LOCATION:  IPS-15  Live  Demo  Unit 
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Setup  | 

Logout  | 

Refresh  | 

Apply) 

Cancel  | 

Expandable! 
Using  IPS  Satellite  Units... 
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Connect  with  ease! 

RS-232,  RS-422  &  RS-485  serial  connectivity  for  a  wide  variety  of  applications 


ESP  Family  of  Serial  Hubs 

Connect  serial  ports  at  the  point  of  need  and 
eliminate  cabling  nightmares.  ESP  Multi-Interface 
models  support  RS-232,  RS-422  and  RS-485 
serial  protocols  for  a  wide  range  of  applications. 


NEW!  ESP-2  Ml 


ESP-2  Ml  Serial  Hub 

The  ESP-2  Ml  is  a  compact  Multi-Interface,  2-port 
serial  hub  that  provides  versatile  RS-232,  RS-422 
and  RS-485  support  for  industrial/manufacturing 
and  commercial  applications. 


Call  today  for  a  FREE  30-day  product  evaluation:  1-800-275-3500,  Ext.  615  or  954-746-9000,  Ext.  615 
Ef  iail:  sa!es@equinox.com  -  intlsales@equinox.com.  For  more  information  visit  www.equinox.com 
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SSH  or  Out- Bant!  Access  tu 
Consoles  at  Remote  Losatimjis 


■  Secure  Shell  (SSHv2)  Encryption 

■  Simultaneous  SSH  or  Telnet 

■  Non-Connect  Port  Buffering 

■  SYSLOG  Reporting 

■  SNMP  Capability 

■  Any-to-Any  Port  Switching 

■  IP  Security  Features 

■  10/100  Base-T  Ethernet  Port 

■  Port-specific  Password  Protection 

■  Data  Rate  Conversion 

■  1 1 5/230VAC  or  -48VDC  Models 

The  SCM-16  Secure  Console  Management  Switch  provides  in-band  and 
out-of-band  access  to  RS232  console  ports  and  maintenance  ports  on  UNIX 
servers,  routers  and  any  other  network  elements  which  have  a  serial  console 
or  craft  port.  System  administrators  can  access  serial  maintenance  ports 
over  the  network  via  SSH  connections  and  simple  menu-driven  commands, 
or  through  a  discrete  TCP  port  connection  mapped  directly  to  one  of  the  Visit  WebsitB  for  Complete  NetRedCh™  product  line. 

SCM-16  serial  outputs. 


(800)  854*7226  •  www.wti.com 

5  Sterling  •  Irvine  •  Californio  92618-2517 
(949)  586-9950  •  Fox:  (949)  583-9514 
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Allows  up  to  6  simultaneous  users 


CONTROL  KEYBOARD,  VIDEO  AND  MOUSE  REGARDLESS  OF  LOCATION 
With  the  Kaveman  networking  device,  you  can  remotely  control  servers,  either  over 
the  Internet  or  a  local  network,  down  to  the  BIOS  level. 

ACCESS  SERVERS  USING  A  WEB  BROWSER  OR  VNC 

All  you  need  to  operate  Kaveman  is  a  web  browser  or  VNC  on  the  remote  client.  No 
additional  software  is  required.  And  no  software/users  licenses  help  keep  your  costs 
down. 
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BEST  OF  INTEROP 

NnWOftLD  INTEROP 
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COMPLETE  REMOTE  KVM  CONTROL  VIA  TCP/IP 


REMOTELY  CONTROL  POWER 

Through  the  user-friendly  Kaveman  GUI,  you  can  control  the  power  of  up  to  eight 
devices. 


AUTOMATICALLY  MONITOR  SERVER  ACTIVITY 


Kaveman  automatically  monitors  critical  server  vitais  such  as  power,  video,  and 
keyboard  response;  it  alerts  you  to  crashes  and  enables  you  to  quickly  respond  to 
problems. 
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The  Engine  of  Innovation 


Available  in  single,  eight  and  sixteen  channel  versions  www.digitalv6.com  Toll  Free  1-866-922-2333 
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CJMAT 


Experience  Counts.  Since  1 994  GTA 
has  been  building  solid,  dependable 
firewall  systems.  For  the  past  8  years 
our  line  of  firewall  products  have  met 
the  demands  of  small  to  medium 
sized  businesses  worldwide.  To  learn 
more  about  our  family  of  firewalls  visit 
our  website  or  contact  a  GTA  channel 
partner. 


775-4GTA  •  www.gta.com 


nfo@gta.com 
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What’s  Your 
’Current’  Load? 


Verify  Amps  Used  per  Circuit 
With  Sentry  Input  Current  Monitor 

*V  •  •  ^  ■'  /•' 

•  Precisely  measure  the  current,  in  amps, 
for  each  power  circuit 

•  Prevent  overloads  on  existing  power  circuits 

•  Reduce  costs  for  additional  power  circuits 

•  Overcurrent  alarms 

• 1  Remote  Measurement  via  IP  or  RS-232 

•  Local  Measurement  via  digital  display 


IX 


Sentry  Power  Tower.  Equipment  Cabinet  Solutions. 


Server  Technology,  Inc.  K=a2 

1040  Sandhill  Drive  Reno,  Nevada  89511  USA 
web:  www.servertech.com  toll  free:  1.800.835.1515 
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IT  Careers:  Top  Jobs  in  IT 


ully  nine  of  every  10  information  technology 
professionals  works  for  a  non-IT  company,  mark¬ 
ing  a  significant  shift  of  IT  workers  from  software 
development  and  consulting  firms  to  more  traditional 
business  operations  -  manufacturing,  health  care, 
financial  services  and  the  like. 


According  to  the  ITAA  workforce  development  study 
released  in  May,  more  than  10  million  people  work  as 
IT  professionals.  The  report  indicates  that  IT  companies 
are  more  likely  to  use  off-shore  IT  resources  for  projects, 
and  non-IT  companies  are  more  likely  to  stick  to  hiring 
plans,  to  keep  jobs  at  home  and  are  likely  to  follow  cor¬ 
porate-wide  compensation 
plans.  The  report  also 
found  that  downsizing  has 
slowed,  with  hiring  slightly 
outweighing  layoffs  for  the 
past  two  quarters. 
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More  than  400  hiring  man¬ 
agers  responding  to  ITAA’s 
survey  reported  that  while 
demand  for  IT  workers 
continues  to  fall,  they  plan 
to  hire  better  than  490,000 
IT  workers  in  2003.  Despite 
a  real  tumble  since  2002, 
tech  support  as  a  category 


It’s  a  much  different  picture  than  in  the  year  2000 
when  the  hot  jobs  were  found  within  the  IT  industry. 
Today,  the  more  stable  situation  lies  with  non-IT  compa¬ 
nies.  And  the  jobs  to  target  are  those  in  the  areas  of 
database  management  and  administration,  security 
and  technical  support. 


continues  to  employ  the  most  IT  workers,  primarily  to 
improve  and  fully  capitalize  on  systems  supporting 
non-IT  business  strategy.  The  number  of  web  devel¬ 
opment  positions  also  took  a  dive,  while  database 
development/administration  and  enterprise  systems 
positions  remained  relatively  steady. 


What’s  driving  the  hiring?  Planned  investment  to 
improve  operations.  The  federal  government  is  driving 
hiring  in  cyber-security,  for  agencies  ranging  from  the 
Department  of  Homeland  Security  to  the  Department  of 
Agriculture.  While  most  every  federal  agency  is  looking 
for  IT  professionals,  so  too  is  the  Department  of  Defense 
in  its  recruitment  of  uniformed  personnel  to  man  the 
varied  high  tech  systems  being  used  in  peacekeeping 
and  warfighting.  While  the  telecom  industry  is  far  from  a 
recovery.  Sprint  is  driving  a  trend  toward  next-generation 
technology  with  the  announcement  of  a  multi-billion 
dollar  investment  to  support  a  12-year  plan  for 
new  technologies. 

Companies  such  as  IBM,  HP,  Dell  and  Oracle  also  contin¬ 
ue  to  drive  hiring  as  they  provide  on-demand  computing 
services  to  their  clients. 
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For  information  on  recruitment  advertising, 
Please  contact:  Nancy  J.  Percival, 

Director,  Recruitment  Advertising, 
at  800-762-2977 
500  Old  Connecticut  Path 
Framingham,  MA  01701 
Produced  by  Carole  R.  Hedden 


Find  out  where  IT  is  going  next. 

COMPUTER  TECHNOLOGY  AND  APPLICATIONS  EXECUTIVE  IT  MANAGEMENT 


Information  Session  July  8,  2003  (see  website) 

•  Network  Security  -  NEW! 

•  Advanced  Database  Applications  Development  -  NEW! 

•  Systems  Analysis  and  Software  Engineering 

•  Programming  and  Software  Development 

•  Database  Application  Development  and  Design 

•  Network  Administration  and  Design 


Information  Session  July  9,  2003  (see  website) 

•  Information  Systems  Management 

•  Product  Development  Management 

•  Database  Operations  Management 

•  E-Commerce  Management 
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PROGRAMMER  to  create,  modi¬ 
fy  and  maintain  computer  prog¬ 
rams  using  Clipper,  Visual  Basic. 
HTML,  JavaScript,  Xbase++,  Cry¬ 
stal  Report,  ADO,  OCR  and  SQL 
Server;  secure  specifications  to 
determine  scope  and  limitations 
of  project;  review  flow  charts,  pre¬ 
pare  and  redefine  programming 
structure  to  meet  changing  busi¬ 
ness  needs.  Require:  Bachel¬ 
or’s  in  Computer  Science/Infor¬ 
mation  Systems  and  two  years  of 
experience.  Competitive  salary 
and  benefits.  Apply  with  resume 
to:  Recruitment  Manager.  Health- 
Logic  Systems  Corporation.  6185 
-C  Buford  Highway,  Norcross,  GA 
30071. 


Senior  Software  Engineer  in 
Louisville,  KY.  Design  and  devel¬ 
op  multi-tiered  Internet  software 
using  Microsoft  tools.  Design  and 
administer  SQL  Server  databas¬ 
es  used  for  software  develop¬ 
ment.  Participate  in  sales  cycle. 
Requirements:  B.S.  in  computer 
science  or  B.S.  in  business  with 
computer  information  systems  or 
management  information  sys¬ 
tems  focus.  Two  years  hands-on 
experience  in  the  job  being 
offered.  $72,000  &  single  health 
insurance.  AN  EQUAL  OPPOR¬ 
TUNITY  EMPLOYER.  Send 
resume  to  Polarity  Software, 
1050  Bardstown  Road,  Louisville, 
KY  40204. 


COMPUTER  PROGRAMMER  to 
design,  develop  and  maintain  com¬ 
puter  programs  for  current  Enter¬ 
prise  Project  Management  Soft¬ 
ware  System(EPMS)  using  Java, 
JSP,  XML,  Oracle  9i,  and  ASP; 
develop  interfaces  to  access 
Primavera  Expedition  project/con¬ 
tract  control  subsystem  and  P3e 
scheduling  subsystem;  program 
and  maintain  Web-based  on-line 
invoice  systemandWeb  portal  appli¬ 
cations.  Require:  Bachelor’s  in 
Computer  Science/Information  Sy¬ 
stems  and  two  years  of  experience. 
Competitive  salary  and  benefits. 
Apply  with  resume  to:  Regional 
Manager,  4U  Services,  Inc.,  5295 
Highway  78,  Suite  D-223,  Stone 
Mountain,  GA  30087. 


Database  Design  Analyst 
-  sought  by  Kiretsu 
Technology,  Inc.,  a 
S/ware  Consulting  Co., 
for  position  in  Pembroke 
Pines,  FL..  Must  have  BS 
&  4  years  s/ware  dvlpmt 
exp.  Respond  by  resume 
to  Kiretsu  Technology, 
Inc.,  8362  Pines  Blvd., 
Suite  303,  Pembroke 
Pines,  FL  33024,  Attn: 
Lonnie  Spears. 


Programmer  Analyst  wanted  by 
private  label  specialty  retailer  in 
Warrendale,  PA.  Must  have  a 
Bachelor’s  Degree  or  foreign 
equiv.  degree  in  IT  or  related  and 
3  years  exp.  in  job  offered  or  in 
database  and  software  applica¬ 
tion  development.  Experience 
must  include  knowledge  of  SQL, 
PL/SQL,  SQL*PLUS  Commands, 
PRO#C,  UNIX  Shell  Script.  VB- 
COM,  and  Visual  C++  languages; 
NT  and  UNIX  Operating  Systems; 
and  SQL'LOADER  Respond  to 
Shawna  Lemke,  HR.  American 
Eagle  Outfitters.  Inc.,  150  Thom 
Hill  Drive,  Warrendale,  PA  15086. 


Programmer  Analyst  required  by 
Comp  Software  Dvlpmt  Co. 
Bach  &  2  yrs  exp  to  dsgn,  dvlp, 
maintain  &  implmt  Oracle 
d/base,  Forms  &  Reports.  Dsgn 
Client  Server  based  systems 
using  HTML/DHTML  &  Oracle. 
Perform  data  modeling  using 
Designer  2000.  Write  proce¬ 
dures  &  triggers  on  databased  in 
Forms  &  Reports  using  PL/SQL. 
Job  to  be  performed  at 
Wilmington,  DE  &  various  unan¬ 
ticipated  client  sites  throughout 
the  US  as  assigned.  Resume  to: 
Trinet  Sol.,  Inc.  P.M.B.  #5534, 
2711  Centerville  Rd,  Ste  120, 
Wilmington,  DE  19808. 


Seeking  qualified  applicants  for  the 
following  positions  in  Memphis,  TN: 
Technical  Advisor/Scientific  Pro¬ 

grammer.  Provide  technical  advice 
and  expertise  for  real  time  or  batch 
scientific  programming  systems/ 
applications.  Requirements:  Bach¬ 
elor's  degree  or  equivalent  in  com¬ 
puter  science,  operations  research, 
mathematics,  statistics  or  related 
quantitative  discipline  plus  7  years 
of  experience  in  systems  develop¬ 
ment,  including  2  in  scientific  envi¬ 
ronment.  Experience  with  ArcGIS 
and  Visual  Basic  also  required. 
‘Master's  degree  in  appropriate 
field  will  offset  2  years  of  general 
(non-scientific)  experience.  Submit 
resumes  to  Chris  Holliday,  Federal 
Express  Corporation,  3680  Hacks 
Cross  Road,  Bldg  H,  2nd  Floor, 
Memphis,  TN  38125.  EOE  M/F/D/V. 


Database  Administrator/ 
Analyst  for  banking  s/ware 
applies  co.  in  Miami,  FL. 
Reqmts:  Bach  or  equiv  in 
Business  Admin.  4  yrs  exp 
in  job  offd  or  4  yrs  exp  as 
Database  Analyst/Business 
Analyst  in  related  industry. 
Will  consider  applicants 
w/any  suitable  combo  of 
education,  training  or  exp. 
Respond  to  Sally  A. 
Herrick,  HR  Director,  ERAS 
JV,  13501  SW  128th  St,  Ste 
117,  Miami,  FL  33186. 


Programmer  Analyst 
needed  w/exp  in  web  & 
Windows  applications 
using  DHTML  (Javascript 
&  VBScript),  ASP,  JSP, 
Webconnect,  XML,  VB, 
VFP,  SQL  server,  Oracle, 
IIS  &  Apache.  Design  & 
develop  reports  using 
Crystal  Reports.  Develop 
WAP  applications  using 
WML.  Send  resumes  to 
Vedas,  23  Crosby  Dr., 
Bedford,  MA-01730. 


BYSoft,  Inc.  (Houston,  TX)  is  seek¬ 
ing  Software  Engineers  with  exp.  in 
using  OpenGL,  VC++,  MFC,  VB, 
XML,  X/Motif,  COM/DCOM,  and 
OOP  on  UNIX/Linux,  Windows 
NT/2000.  Send  resume  to  10039 
Bissonnet,  #200.  Houston,  TX 
77036.  71 3-776-111 1(T)  or  info@ 
bysoftinc.com.  Attn:  Christina. 

Seismic  Micro-Technology,  Inc. 
(Houston.  TX)  is  seeking  a  Soft¬ 
ware  Tester  to  test  geosciences 
software.  1  yr.  exp.  in  seismic  inter¬ 
pretation  using  geosciences  soft¬ 
ware.  Send  resume  to  8584  Katy 
Fwy.  #400,  Houston.  TX  77024 
Attn:  Manager  of  HR  or 

713-464-6440(F) 


Web  Product  Analyst  II 

DUTIES  Consult  on  system  de¬ 
sign.  utilization,  &  availability  of 
web  based  products  &  technologies 
for  credit  card  processing  systems: 
act  as  a  liaison  between  system 
experts  &  the  client:  ensure  meth¬ 
odology  is  followed  &  standards  are 
met  while  tracking  all  projects  & 
maintaining  appropriate  documen¬ 
tation:  lead  clients  &  TSYS  entities 
through  life  cycle  implementation, 
enhancement,  &  customization  pro¬ 
jects.  Develop  functional  require¬ 
ments  &  specifications;  use  cases 
&  process  flows  for  each  project; 
assist  in  developing  new  products 
&  enhancements;  manages  project 
plans  in  coordination  w /  other 
TSYS  entities  including  technology, 
operations,  &  messaging  services. 

REQUIREMENTS:  Bachelor  or 
equiv.  in  Business  Administration, 
Information  Systems,  Network 
Engineering,  or  Computer  Science 
+  total  of  (5)  years  experience  in 
credit  card  or  financial  services  of 
which/including  (2)  years  of  experi¬ 
ence  w /  TSYS  processes,  system 
support,  and  project  management. 
Must  have  legal  authority  to  work  in 
the  U.S.  Please  send  resume 
demonstrating  all  minimum  require¬ 
ments  to:  Kerri  Alexander,  1600 
1st  Ave.,  Columbus,  GA  31902. 
Ref  #  WPA/PA. 


Sr  SW  Eng  for  wireless  telecom 
co  in  Redmond,  WA.  Duties  incl 
complex  analyses  re  dsgn 
dvlpmt  &  impl  SW  for  wireless 
telecom  products  &  services; 
dsgn  &  dvlp  embedded  real-time 
SW  systems  w/SW  project 
teams  &  HW  product  dvlprs  for 
wireless  telecom  &  networking 
products  &  apps;  impl  SW  sys¬ 
tems;  dvlpg  SW  reqs  &  prep 
detailed  dsgn  docs;  &  consult 
w/customers  re  reqs,  dsgn  & 
impl  of  SW  systems.  Job  reqs 
incl  3G  wireless  comm  stds 
(CDMA,  GSM)  &  networking 
stds  (TCP/IP,  Internet  RFCs); 
proficient  w /  C/C++,  assembler, 
CVS,  Windows,  VxWorks  & 
Nucleus  RTOS,  JTAG  debug¬ 
gers,  ARM  dvlpmt  tools,  Gnu 
CC,  gdb,  Visual  C++  &  exp 
w/MIPS,  ARM  &  M68K,  embed¬ 
ded  targets.  Reqs:  BS  (or  equiv) 
in  Eng  or  related  field.  10  yrs  exp 
in  job  offd  or  10  yrs  exp  in  dvlpg 
wireless  apps.  Respond  to  HR 
Mgr,  Elektrobit  Inc,  11121 
Willows  Rd  NE,  Ste  200, 
Redmond  WA  98052. 


APPLICATION  SYSTEMS  ARCHI¬ 
TECT  Responsible  for  application 
systems  design,  balancing  optimiz¬ 
ation  of  application  access  with  re¬ 
source  use  factors.  Design  and 
construct  application  systems  and 
develop  requirements  and  design 
specification  for  new  and  existing 
applications.  Create,  revise  and 
maintain  document  requirements 
for  data,  workflow,  logical  process¬ 
es,  hardware  and  operating  system 
environment,  interfaces  with  other 
systems,  internal  and  external 
checks  and  controls,  and  outputs. 
Require:  Bachelor’s  degree  in 
Computer  Science,  Engineering,  or 
a  closely  related  field,  with  4  years 
of  experience  in  the  job  offered  or 
as  a  Software  Programmer/Con¬ 
sultant,  Experience  must  include  2 
years  of  application  systems  design 
experience  using  Visual  Basic  and 
SQL  Servers;  Send  resume  to: 
Recruiter  -  Human  Resources, 
AgFirst  Farm  Credit  Bank,  P.O.  Box 
1499,  Columbia,  SC  29202.  (No 
Phone  Calls  Please). 


PROGFLAMMER  ANALYSTS 
for  Chicago,  IL  office.  Design 
&  Develop  software  applica¬ 
tions  using  C++,  Oracle, 
Sybase,  XML,  UML,  Coolgen, 
Interwoven,  ClearCase, 
Clear-Quest,  Plumtree,  ITS, 
PVCS,  UNIX.  Bachelors  req'd 
in  Computers,  Engineering  or 
related  field  of  study  +2  yrs  of 
related  exp.  40  hrs/wk.  Must 
have  legal  authority  to  work 
permanently  in  the  U.S. 
Contact  HR  Manager,  Stellar 
Software  Network.  Inc.,  3601 
Estacado  Ln,  Plano  TX 
75025. 


Software  Engineer:  Develop  and 
maintain  software  for  a  web  load 
testing  product  that  helps  Web 
sites  to  improve  quality  and  per¬ 
formance  of  service  they  provide 
to  their  customers.  Research 
and  develop  multi-threaded  load 
agent  technologies  in  a  distrib¬ 
uted  software  system.  Work  with 
QA  and  product  support  to  iden¬ 
tify  and  correct  defects.  Work 
with  engineering  team  to  brain¬ 
storm  and  test  new  ideas.  In¬ 
vestigate  and  assess  emerging 
web  and  software  technologies. 
Research  and  develop  high- 
level  designs  and  implement 
them  in  code.  Provide  software 
performance  analysis  of  load- 
agent  technologies  and  Web 
applications.  Program  in  Visual 
Basic,  Java,  Microsoft  SQL  Ser¬ 
ver,  XML,  Visual  C++,  COM/ 
DCOM.  Design  complex  prod¬ 
ucts  in  a  Windows  environment 
and  use  object-oriented  skills  to 
develop  products.  Require¬ 
ments  include  a  Master's  degree 
or  equivalent  in  Computer  Sci¬ 
ence  or  closely  related  field  and 
one  year  of  work  experience  in 
the  job  offered  or  related  field  of 
software  engineering  using  Java 
and  object-oriented  design 
skills.  Applicants  must  have 
unrestricted  authorization  to 
work  in  the  United  States. 
Salary  $82, 400/year.  40  hours/ 
wk.  Respond  with  two  copies  of 
resume  to  Case  #200202025, 
Labor  Exchange  Office,  19 
Staniford  St.,  1st  FI.,  Boston,  MA 
02114. 


Senior  Software  Engineer-Lead 
and/or  participate  in  specifica¬ 
tion,  design,  development  and 
support  of  products  including 
overall  architecture,  component 
interfaces  and  communication 
schemas;  client  and  server-side 
programs  using  Java,  C++ 
based  product  API's;  Oracle, 
SQL  Server  and  LDAP  database 
schemas.  Assist  with  develop¬ 
ment  of  project  plans  and  sched¬ 
ules.  Follow  rigorous  software 
engineering  standards  including 
developing  product  require¬ 
ments,  functional  and  design 
specifications  and  adhering  to 
coding  standards.  Create  new 
tools  and  procedures  to 
enhance  the  development 
process.  Lead  efforts  to  identify 
and  resolve  any  product  perfor¬ 
mance  issues.  Mentor  junior 
engineers.  Requirements 
include  a  Bachelor's  degree  or 
equivalent  in  Computer  Science, 
Information  Systems  or  related 
field  and  three  years  of  work 
experience  in  the  job  offered  or 
related  field  of  software  engi¬ 
neering.  Applicants  must  have 
unrestricted  authorization  to 
work  in  the  United  States.  Salary 
$86, 000/year.  40  hours/wk. 

Respond  with  two  copies  of 
resume  to  Case  #200202319, 
Labor  Exchange  Office,  19 
Staniford  St.,  1st  FI.,  Boston,  MA 
02114. 


Senior  Software  Engineer.  Engin¬ 
eers  new  client-server  apps  using 
latest  desktop,  web  &  database 
technologies  &  Windows  platform 
tools.  Models  incl.  earthquakes, 
tornadoes,  hurricanes,  floods;  in- 
corp.  numerical  simulation  peril 
intensity  at  sites  in  area  of  interest. 
Uses  numerical  analysis,  subst. 
scientific  &  computer  s/w  dev 
knowl.  to  ensure  products  quality. 
Salary  $76K,  40  hrs/wk.  Min.  req: 
BS  Physics,  Math,  Computers  or 
related;  2  yrs  exp.  in  s/w  dev.  inter¬ 
net  tech.  &  systems  integration 
Spec,  req:  numerical  analysis; 
Microsoft  Visual  C++,  SQL  Server, 
ISAPI  programming,  multithreaded 
s/w  programming,  Winsock  & 
Berkeley  Sockets  and  Client/ 
Server  programming.  Submit  2 
copies  resume  to  Case  # 
200202092,  Labor  Exchange 
Office.  19  Staniford  St,  1st.  ft., 
Boston,  MA  02114. 


Snr  Software  Engineer/Develop¬ 
er  to  design,  develop,  test  & 
maintain  applications  to  support  a 
complex  Global  Reference  Data¬ 
base  System  w/in  a  multinational 
mutual  fund  environment.  The 
database  is  at  the  hub  of  a  critical 
trading  environment  with  data  dis¬ 
tributed  internally  to  multiple  fund 
accounting,  equity  trading  sys¬ 
tem,  decision-support  &  info  man¬ 
agement  applications.  Will  create, 
populate  &  maintain  this  data¬ 
base  that  incorporates  sound 
business  rules  including  referen¬ 
tial  integrity,  data  scrubbing, 
auditing  &  data  verification.  Will 
also  provide  application  &  pro¬ 
duction  support  to  end-users. 
Requires  Bach  or  equiv  in  CSc., 
Technology,  Eng,  Math  or  Physics 
plus  3  ys  experience  in  job  of¬ 
fered.  OR  3  ys  developing  appli¬ 
cations  in  an  AS/400  environ¬ 
ment.  Candidate  must  also  pos¬ 
sess  demonstrated  expertise  in 
design  &  development  of  B2B 
applications  using  IBM  Web¬ 
sphere  Application  Server  on  IBM 
iSeries  System;  dem  expertise 
developing  B2B  applications  on 
ATG  Dynamo  5.1  using  Dynamo 
Application  Server  &  Dynamo 
Commerce  Server  &  dem  exper¬ 
tise  developing  &  tuning  DB2 
UDB  &  Oracle  SQL  Stored  Pro¬ 
cedures  using  SPL  &  PL  SQL. 
Sal:  $76,000/yr,  M-F,  9A-5P.  Send 
2  resumes  to  Case  #200201101, 
Labor  Exchange  Office.  19 
Staniford  Street,  1st  fl.,  Boston, 
MA  02114.  EOE.  Applicants  must 
be  workers  eligible  to  accept  full¬ 
time  employment  in  U.S. 


Design  Engineer:  Develop  and 
deploy  custom  software  applica¬ 
tions  that  enhance  the  produc¬ 
tivity  and  communication  of  the 
company's  engineers,  the  gath¬ 
ering  of  user  requirements,  and 
the  design  and  development  of 
web-based  applications  for  solv¬ 
ing  engineering  and  information 
systems  problems.  Develop 
applications  in  a  multi-tiered 
environment  that  utilize  state-of 
the-art  technologies  such  as 
object-oriented  internet  pro¬ 
gramming  and  relational  data¬ 
bases.  Use  Oracle  Database 
administration,  PL/SQL  script¬ 
ing,  DB2,  DB2  EEE,  SQL  Server 
Administration,  Perl  scripting. 
Winrunner,  Unix  System  admin¬ 
istration,  HTML,  ASP,  and 
Veritas  Volume  Manager. 
Support  databases  in  storage 
array  environment.  Require¬ 
ments  include  a  Master's  degree 
or  equivalent  in  Computer 
Science,  Electrical  Engineering 
or  closely  related  field  and  three 
years  of  work  experience  in  the 
job  offered  or  related  field  of 
software  development.  Appli¬ 
cants  must  have  unrestricted 
authorization  to  work  in  the 
United  States.  Salary  $75,000/ 
year.  40  hours/wk.  Respond  with 
two  copies  of  resume  to  Case 
#200202161,  Labor  Exchange 
Office,  19  Staniford  St.,  1st  Fl., 
Boston,  MA  02114. 


Downtown  Law  Firm  seeks 
Computer  Hardware  Technician 
(evening  shift)  to  perform  hard¬ 
ware  &  software  maintenance, 
configuration  (TCP/IP.  NIS, 
NFS,  DNS)  &  operations  for  a 
broad  range  of  applies  running 
on  Unix  HP-UX  &  Windows. 
Perform  daily  &  monthly  produc¬ 
tion  processing  &  backups  using 
tar,  Cpio,  Omnibak  II,  Unix 
System  Administration  (kernel 
configurations,  file  system  struc¬ 
ture,  Raid,  user  &  process  man¬ 
agement,  programming/script¬ 
ing).  Maintain  PC  based  sys¬ 
tems  including  MS  Office  trou¬ 
bleshooting.  BS  in  Comp  Info 
Sci  or  Comp  Engg  w/relevant 
work  exp.  reqd.  Send  resume  to: 
Admin.  Personnel,  Cleary, 
Gottlieb,  Steen  &  Hamilton,  One 
Liberty  Plaza,  NY,  NY  10006. 


Senior  Database  Administrator 
Responsible  for  assigned  data¬ 
base  application  and  for  accept¬ 
ing  the  database  design,  agree¬ 
ing  on  database  management 
system  acquisitions,  performing 
or  checking  sizing  results,  ac¬ 
quiring  requisite  system  software 
and  system/storage  devices, 
performing  data  change  control, 
installing  and  upgrading  data¬ 
base  software,  implementing 
medium  to  large  size  production/ 
test  and  staging  databases. 
Maintain  a  dictionary  or  reposito¬ 
ry.  Assist  operations  staff  in  the 
setup  of  the  required  operations 
environment  for  running  the  sys¬ 
tem.  Assist  in  the  provision  of 
agreed  service  levels  to  the  user/ 
business,  monitoring  the  system 
(deriving  statistics  for  usage,  per¬ 
formance,  problems,  utilization, 
etc).  Ensure  integrity  of  data  in 
the  database  per  defined  data¬ 
base  constraints  and  help  to 
maintain  and  define  such  con¬ 
straints  with  active  participation 
from  development  groups.  Ad¬ 
minister  several  complex  objects 
in  development  project.  Analyze 
issues  and  make  decisions. 
Work  on  non-standard  problems 
or  issues  and  create  and  docu¬ 
ment  solutions.  Administer  and 
implement  security  integrity  con¬ 
trols.  Follow  and  adhere  to  poli¬ 
cies,  procedures  and  standards 
relating  to  database  manage¬ 
ment.  Use  knowledge  of  Oracle, 
Unix,  WindowsNT/2000/98,  and 
Internet  Security.  Requirements 
include  a  Bachelor's  degree  or 
equivalent  in  Computer  Science, 
Electronics  Engineering  or  close¬ 
ly  related  Engineering  field  and 
six  years  of  work  experience  in 
the  job  offered  or  related  field  of 
Oracle  database  administration. 
Applicants  must  have  unrestrict¬ 
ed  authorization  to  work  in  the 
United  States.  Salary  $82,000/ 
year.  40  hours/wk.  Respond  with 
two  copies  of  resume  to  Case 
#200202599,  Labor  Exchange 
Office,  19  Staniford  St.,  1st  Fl., 
Boston,  MA  02114. 


Konboy  is  o  premier  global 
systems  integrator  that  provides 
higfvquality,  high-value  solutions 
to  the  insurance,  banking, 
credit  card,  consumer  lending 
and  securities  industries.  We 
provide  a  complete  lifecycle  of 
services  including  program 
management,  business  analysis, 
technology  planning, 
architecture,  application 
development,  maintenance  and 
support.  Our  specialized 
services  include  business 
intelligence,  package  selection, 
customization,  implementation 
and  testing. 

The  following  opportunities 
are  based  at  our  corporate 
headquarters  in  Chicago  and 
locations  nationwide. 

We  are  seeking  candidates 
with  technical  skills  in:  JAVA, 
J2EE,  OOAD,  WebSphere, 
XML,  .Net,  COBOL,  CICS, 
DB2,  JCL,  and  VisionPlus 
expertise  in  an  MVS 
environment. 

•  Project  Managers 

•  Technical  Architects 

•  Project  Leads 

•  Sr.  Programmer/ 
Analysts 

•  Associate  Consultant 

For  consideration,  forward 
response  to:  Kanbay,  Inc. 
6400  Shafer  Ct.,  Suite  100, 
Rosemont,  IL  6001 8.  Fax: 
847-3 1 8-0784.  Email: 
rstewort@kanboy.com.  Please 
reference  code  CW0603  in 
all  correspondence.  Kanbay  is 
an  Affirmative  Action 
Employer/EOE  organization. 


www.lcanbay.com 
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Tech  Nation  Software  Consulting. 
Inc.  a  software  consulting  company 
with  its  main  place  of  business  at 
Sioux  Falls.  SD  has  multiple  posi¬ 
tions  for  Software  Professionals  in 
the  area  of  Oatawarehousmg 
Technologies  and  in  Middleware 
TechNation  intends  to  build  a  top 
notch  team  that  can  provide  solu¬ 
tions  in  these  areas  and  is  looking 
for  professionals  at  Techlead. 
senior  programmer  analysts  and 
developer  positions. 

1.  Techleads:  Will  lead  a  team  of 
3-5  programmers  in  new  devel¬ 
opment/maintenance.  provide 
design,  lead  the  team  in  devel¬ 
opment  and  will  allocate  work 
and  take  responsibility  of  time 
schedules. 

2  Senior  Programmer  Analysts: 
Will  analyze  client  needs,  eval¬ 
uate  existing  software,  gather 
requirements,  and  help  design 
the  specs  along  with  taking 
part  in  customization  of  soft¬ 
ware 

3.  Developers:  Will  code,  help 
customize  software  and  will 
perform  unit  testing. 

Requirements:  All  positions  require 
BS  in  Comp.  Science  or  its  equiva¬ 
lent  with  more  than  3  years  of  over¬ 
all  IT  Experience.  All  positions  will 
require  experience  in  one  of  Busin¬ 
ess  Objects.  Cognos,  Informatica, 
Oracle  Express.  Siebel.  Tibco  or  in 
WebMethods  with  experience  in 
allied  Internet  technologies. 

TechNation  provides  onsite-consul¬ 
ting  services  to  clients  across  the 
United  States  and  hence  a  key 
requirement  for  all  positions  is  that 
candidates  must  be  willing  to  relo¬ 
cate  across  the  country  for  periods 
between  3-6  months  or  as  needed 

Send  resumes  to  Rona  Troff,  300 
N  Dakota  Ave  Suite  #505-B.  Sioux 
Falls.  SD  57104  or  email  rtroff@ 
tnscinc.com  Fax:  530-733-2775. 


Senior  Software  Engineer:  Lead 
and  participate  in  specification, 
design,  development  and  sup¬ 
port  of  Internet  Security  prod¬ 
ucts,  including  overall  architec¬ 
ture,  component  interfaces,  and 
communication  schemas;  client 
and  server-side  programs  using 
Java,  XML  and  C++  on  both 
Windows  and  Unix;  Java  and 
C++  based  product  APIs; 
Oracle,  SQLServer  and  LDAP 
database  schemas.  Internation¬ 
alize  software  and  globalize 
product.  Develop  product 
requirements,  functional  and 
design  specifications  and  adher¬ 
ing  to  coding  standards.  Lead 
efforts  to  identify  and  resolve 
any  product  performance 
issues.  Requirements  include  a 
Master’s  degree  or  equivalent  in 
Computer  Science,  an  Engin¬ 
eering  discipline  or  closely  relat¬ 
ed  field  and  two  years  of  experi¬ 
ence  in  the  job  offered  or  related 
field  of  software  development/ 
engineering.  Applicants  must 
have  unrestricted  authorization 
to  work  in  the  United  States. 
Salary  $78,000  /year.  40 
hours/wk  Respond  with  two 
copies  of  resume  to  Case 
#200202158,  Labor  Exchange 
Office,  19  Staniford  St.,  1st  FI., 
Boston.  MA  02114. 


SYSTEMS.  ANALYST  U  Positions) 

Create  &  modify  systems  w/corp 
pnce  mgmt ,  inventory  scanning, 
stock  status  database  &  related 
components  Using  Cool  Gen. 
VAG.  COBOL.  DB2.  CICS.  JCL  & 
dient/server  techs  .  wnte  specs 
for  system  modifications,  partici¬ 
pate  in  tech  design  of  systems 
enhancements  &  develop,  test.  & 
implement  app  code  Eval.  struc¬ 
ture  &  flow  of  data  through 
assigned  systems  Implement  sys¬ 
tem  changes  &  enhancements 
w/support  for  continuing  systems 
maint  Make  on-line  &  batch  sys¬ 
tem  changes,  as  well  as  wnte  & 
execute  test  plans  &  data  Eval 
structure  &  flow  of  data  to  deter¬ 
mine  results,  sources  &  structure 
of  data  &  file  org  for  optimal  sys¬ 
tem  usage  Requires  B  S  (or  for¬ 
eign  equiv)  in  Comp.  Sd..  Math. 
Engn  .  or  related  field  &  2  yrs  exp 
as  Systems  Analyst.  Prog  Analyst, 
or  Prog  EOE  40  hrs/wk  Send 
resume  to  Kim  Richitelli.  Belk 
Stores  Services  Inc  2801  W 
T/voia  Rd  .  Charlotte.  NC  28217 
_ 


Senior  Developer-Perform  life¬ 
cycle  web-based  application  de¬ 
velopment  including  turning  busi¬ 
ness  requirements  into  system 
specifications,  designing  data¬ 
base  schemas,  creating  middle 
tier  components,  creating  user  in¬ 
terface.  and  implementing  appli¬ 
cations  using  the  latest  client/ 
server  and  web  technologies. 
Design  and  develop  robust  secu¬ 
rity  infrastructures  to  support  the 
Windows-based  application  to 
achieve  fine-grained  functional 
and  data  security  requirements. 
Research  and  recommend  new 
network,  application  and  web 
security  method  and  implement 
these  methods  in  related  projects. 
Communicate  the  end-user  feed¬ 
back  to  the  project  leadership  for 
action.  Correct  problems,  modify 
or  enhance  programs  and  soft¬ 
ware  functions  to  accomodate 
changing  business  rules,  and 
support  the  application  rollout  at 
various  customer  sites.  Use 
knowledge  of  MS  SQL  Server 
2000.  Requirements  include  a 
Master’s  Degree  or  equivalent  in 
Computer  Science,  an  Engineer¬ 
ing  discipline  or  related  field  and 
at  least  three  years  of  pre-or  post¬ 
degree  work  experience  in  the  job 
offered  or  related  field  of  software 
engineenng  using  Microsoft  de¬ 
velopment  technologies.  Appli¬ 
cants  must  have  unrestricted 
authorization  to  work  in  the  Unit¬ 
ed  States.  Salary  $85, 561 /year. 
40  hours/wk.  Respond  with  two 
copies  of  resume  to  Case 
#200201803,  Labor  Exchange 
Office,  19  Staniford  St.,  1st  FI., 
Boston,  MA  02114. 


^7  PTC 

PTC  (Parametric  Technology 
Corporation)  is  one  of  the 
world's  largest  software  com¬ 
panies  with  a  total  commitment 
to  product  development. 
PTC's  software  impacts  every 
area  of  the  product  lifecycle, 
from  product  planning  and 
engineering  to  service  and 
support. 

PTC  has  the  following  opportu¬ 
nities  at  its  San  Jose,  CA  facil¬ 
ity: 

■  Senior  Application 
Specialists  (BS  degree  plus 
two  years'  experience  in  tech¬ 
nical  support  or  a  develop¬ 
ment  environment  and  exper¬ 
tise  programming  in  C  or  C++ 
or  a  MS  degree  and  no  expe¬ 
rience  and  expertise  program¬ 
ming  in  C  or  C++) 

•  Senior  Implementation 
Consultants  (BS  degree  plus 
two  years’  experience  in  PDM 
consulting  or  PDM  develop¬ 
ment  or  a  MS  degree  and  no 
experience) 

Senior  Software  Engineers 
(BS  degree  plus  one  year 
experience  in  software  devel¬ 
opment  and  expertise  pro¬ 
gramming  in  Java  and  HTML 
or  a  MS  degree  and  no  expe¬ 
rience  and  expertise  program¬ 
ming  in  Java  and  HTML) 
Please  send  resume  to: 

Diane  Radula 
PTC  Human  Resources 
140  Kendrick  Street 
Needham,  MA  02494 
or  email  to 
drrecruiting@ptc.com 


PROGRAMMER  ANALYSTS 
for  Chicago,  IL  office.  Design 
&  Develop  software  applica¬ 
tions  using  C++.  Oracle,  Sy¬ 
base,  XML.  Coolgen,  Inter¬ 
woven,  ClearCase.  Clear- 
Quest,  Plumtree.  ITS,  PVCS, 
UNIX.  Bachelors  req'd  in 
Computers,  Engineering  or 
related  field  of  study  +2  yrs  of 
related  exp  40  hrs/wk.  Must 
have  legal  authonty  to  work 
permanently  in  the  U.S.  Con¬ 
tact  HR  Manager.  Regency 
Technologies.  Inc.,  1100 
Airport  Freeway,  Suite  204. 
Bedford. TX  76021. 


Developer  sought  by  oncology/ 
therapeutics  div.  of  pharma  R&D 
co.  in  San  Francisco,  CA. 
Candidate  must  have  a 
Bachelor's  degree  or  equiv.  in 
Computer  Engineering  or  relat¬ 
ed  Min  of  5  years  experience  in 
application  development  &  data¬ 
base  design  &  development  on 
Oracle  platform  required. 
Extensive  exp.  in  OOAD,  Object 
Oriented  Programming,  DBA, 
database  design  tools,  data 
modeling  tools  (ERWin),  SQL, 
PL/SQL,  Unix  (shellscripts,  FTP 
automation),  Java,  Oracle  8i 
database,  Oracle  11i  applica¬ 
tions  (order  fulfillment).  Blue 
Martini  CRM  and  HTML,  phar¬ 
ma.  pricing  s/w  customization 
required.  Experience  in  phar¬ 
ma.  pricing  required.  Must  have 
strong  analytical  skills  in  pricing 
infrastructure,  information  ser¬ 
vices  &  data  analyses,  &  excel¬ 
lent  oral  &  written  communica¬ 
tion  skills.  Send  resumes  to: 
OTN,  Staffing  Dept.,  395  Oyster 
Point  Blvd..  Suite  405,  South 
San  Francisco.  CA  94080,  Job 
Code:  VM-764  or  fax  resume  to: 
(650)  737-9576. 


Internet  Commercial  Artist  will 
design  arts/visual  graphics  for 
product  ads  in  Internet  shopping 
sites  with  following  duties:  re¬ 
search  on  products/services  and 
formulate  concept  art  design/ 
layout  using  freehand  drawing 
and  scratch  layout;  create 
sketches  for  clients  review  using 
Photoshop,  EasyPhoto.  Print- 
Shop,  Photoimpact  and  Corel- 
Draw7;  design  animation  graph¬ 
ics  with  Flash5  and  WGT;  pre¬ 
pare  digitized  drawings/pictures 
and  complete  final  layout  for 
Internet  display  utilizing  HTML. 
JavaScript.  Namo  WebEditor5; 
consult  with  corporate  clients  to 
provide  artistic  suggestions.  Re¬ 
quires  BA/BS  in  Fine  Arts, 
Studio  Arts,  or  Graphic  Design¬ 
ing  and  must  be  able  to  perform 
all  the  job  tasks  on  the  day  of  hir¬ 
ing.  Full  fime/competitive  salary. 
Resume  to:  HR,  Computer 
Concepts,  Inc.  11654  Dorsett 
Rd.,  St.  Louis,  MO  63043.  No 
call/EOE. 


SYSTEMS  ANALYST  to  pro¬ 
vide  on-site  consultancy  to 
analyze,  design,  develop,  im¬ 
plement  and  modify  e-com- 
merce  applications  using  Java, 
Java  Servlets,  J2EE,  DHTML, 
HTML,  VC++,  C/C++,  VB¬ 
Script,  XML,  HTTP,  TCP/IP, 
JSP,  EJB,  ASP,  Oracle,  Sy¬ 
base,  SQL  Server  and  related 
tools  in  Unix,  Windows  and 
Real-time  NT  environment. 
Require:  B.S.  in  Computer 
Science/Engineering  and  two 
years  experience  in  the  job 
offered.  25%  paid  travel  re¬ 
quired  to  client  sites  within  the 
United  States.  Competitive 
salary  and  benefits.  Apply  with 
resume  to:  Vice  President, 
Compucom  Global  Solutions, 
Inc.,  200  Perrine  Road,  Suite 
225,  Old  Bridge,  NJ  08857. 


Seeking  qualified  applicants  tor  the 
following  positions  in  Memphis/ 

Analyst  Formulate/define  function¬ 
al  requirements  and  documentation 
based  on  accepted  user  criteria 
Requirements:  Bachelor's  degree* 
in  computer  science.  MIS.  informa¬ 
tion  technology,  engineenng  or 
related  field  plus  5  years  of  experi¬ 
ence  in  systemstapplications  devel¬ 
opment  Experience  with  Java, 
either  C  or  C++:  and  development 
of  transactional  distributed  sys¬ 
tems/applications  also  required. 
'Master  s  degree  in  appropnate 
field  will  olfset  2  years  of  general 
expenence.  Submit  resumes  to  Sibi 
George.  FedEx  Corporate 
Services,  1900  Summit  Tower 
Blvd  .  Suite  1400.  Orlando,  FL 
32810  EOE  M/F/D/V 


Network  Administrator  I:  Entry- 
level  position  to  install  &  support 
company  LAN,  WAN,  Internet 
system.  Develop  company 
graphic  &  animation  website, 
also  assist  to  maintain,  plan, 
coordinate  &  implement  network 
security  measures.  Req. 
Bachelor's  in  C.S.  or  any  com¬ 
puter  related  field.  No  exp.  req. 
but  must  demonstrate  ability  to 
perform  job  through  course  work 
or  project  involving  C,  C++, 
graphic  &  animation  program¬ 
ming.  Resume  w/  transcripts  to: 
Pres.,  Color  Imaging  Inc.,  4350 
Peachtree  Industrial  Blvd.,  Ste 
100,  Norcross,  GA  30071 


Computer  Programmer.  Deve¬ 
lop.  design,  analyze  &  test  J2EE 
applications  using  JSP,  Servlets, 
JDBC,  Oracle,  PL/SQL,  HTML, 
Java  Script  &  Weblogic 
Application  Server.  Develop 
software  applications  using 
Signed  applets  &  RMI.  Req. 
Bachelor's  or  its  foreign  dgr. 
Equvl't  in  C.S.  or  other  related 
engineering  field  +  2yr  exp.  in 
either  job  offered  or  Software 
Engineering  or  computer  pro¬ 
gramming.  Resume  to 
President,  Softech  Int'l 
Resources,  Inc.,  3300  Holcomb 
Bridge  Rd.,  Ste  270,  Norcross, 
GA  30092 


ENGINEERING 

Leading  energy  services  provider 
seeks  Systems  Integration  Engin¬ 
eer.  BS  or  equiv  in  CS,  Electronics 
Engrng,  Instrumentation  Engrng  or 
related.  Must  have  5  yrs  exp  design 
of  control  systems  that  includes  3 
yrs  exp  middle  ware,  enterprise 
resource  planning  or  database 
management:  1  yr  design,  specifi¬ 
cation  and  application  of  energy 
mgmf  control  systems  with  sw  pro¬ 
tocols;  6  mos  exp  systems  integra¬ 
tion,  web  based  data  acquisition 
and  programming  of  BMS  integra¬ 
tion  protocols;  knowledge  C++, 
Java.  SQL/Oracle  database  Job 
location:  White  Plains,  NY.  Fax 
resume  w/cover  to  attn:  HR  Dept- 
EIS  at  (914)  448-0057. 


Network  Administrator.  Trouble¬ 
shoot  services,  connections,  in¬ 
stallations;  roll  out  &  monitor  pro¬ 
duction  systems;  maintain  utilities 
w/client  applications;  database 
admin.;  maintain  security  of  sys¬ 
tems/data;  share  responsibility  w/ 
administrators  for  24/7  operating 
systems,  network  connectivity, 
system  services  (citrix  servers 
etc  ).  Must  have  Bachelor's  in 
Comp.  Sci.,  Engg.  or  related,  1  yr. 
exp.,  &  knowledge  of  SQL  data¬ 
base  admin.;  NT/2000  systems 
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Computers  -  Sr.  Technical 
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Please  refer  to  "STC"  in  your 
reply. 


Programmers,  Jr,  Programmers, 
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MQ  Series,  Shell  Scripts,  Java 
and  related  tech.,  Oracle  &  relat¬ 
ed  tools,  SQL  Loader,  CGI/Perl, 
Visual  Basic,  AppWorx  and 
related  technologies;  (b)  C/C++, 
Cobol,  PB,  Sybase,  Java, 
Oracle,  SQL  Server,  XML,  Unix, 
MQ  Series,  Weblogic  and  relat¬ 
ed  technologies.  US  Workers 
only.  Consulting  positions  requir¬ 
ing  travel.  Prevailing  wage/ben¬ 
efits.  Send  resume  to  HR, 
Datum  America  Ltd.,  850  Boyce 
Rd.,  Suite  7,  Bridgeville,  PA 
15017.  EOE. 
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HOW  IT  WORKS 


Processing  XML 

An  XML  accelerator  processes  an  XML 
message,  which  contains  validation, 
transformation  and  routing.  Here  is 
a  look  at  the  processing  needed  to 
determine  the  security  that  is 
contained  within  a  message. 


Application  server 


XML  accelerator 


I  Accelerator  parses  an 
incoming  message  and 
reads  data  in  headers  and 
payload  of  message  to 
determine  what  it  is.  It 
validates  the  XML  schema 
and  ensures  there  is  no 
malicious  code  and  then 
filters  the  message  based 
on  a  set  of  security  rules. 


|  The  encrypted 
portions  of  message 
are  decrypted  (XML 
allows  encryption  to 
be  applied  to  select 
strings  of  data). 
Digital  signatures  are 
verified  to  ensure 
payload  has  not  been 
modified  in  transit 


J  v. 


i  The  message  is  parsed 
again  to  include  the  de¬ 
crypted  data  and  a  digital 
signature  is  applied  to 
prevent  tampering.  An 
XML  address  translation 
is  performed  to  hide 
back-end  servers.  The 
message  is  encrypted  and 
sent  on  its  way. 


J  V. 


SOURCE:  NETWORK  WORLO.  DATAPOWER 


XML 

continued  from  page  1 

is  huge  because  you  can  add 
mechanisms  like  security  and 
encryption  incrementally  but  that 
means  you  have  to  parse  the  mes¬ 
sage  to  pull  out  the  data.  It’s  a 
huge  amount  of  overhead.” 

Schadler  says  dedicated  net¬ 
work  hardware  will  become  a  re¬ 
quirement  for  successful  XML 
and  Web  services  adoption  and 
eventually  will  help  define  a  layer 
in  networks  committed  to  XML. 

The  evolution  is  not  surprising 
because  many  CPU-intensive 
tasks  in  the  past  have  been 
moved  from  software  to  dedicat¬ 
ed  hardware. 

Some  vendors  are  rising  to  the 
XML  challenge  with  general-pur¬ 
pose  products  and  others  have 
focused  on  specific  tasks  such  as 
security  or  transformation.  Early 
adopters  say  XML  processing  in¬ 
evitably  will  move  from  applica¬ 
tion  server  software  to  hardware. 

Earlier  this  month,  Sarvega, 
which  develops  a  hardware  ac¬ 
celerator  called  XPE  2000,  re¬ 
ceived  an  additional  $10  million 
in  venture  funding.  Other  players 
such  as  DataPower  —  with 
founder  and  CTO  Eugene  Kuz¬ 
netsov  —  are  stocked  with  indus¬ 
try  veterans  from  companies 
such  as  Cisco  and  Nortel.  Other 
vendors  include  Forum  Systems, 
Reactivity  and  Westbridge. 

Also, start-ups  such  as  Conform- 


ative  Systems,  which  received 
$6.5  million  in  venture  backing 
this  month,  are  emerging  from 
stealth  mode  and  plan  to  intro¬ 
duce  products  next  year.  And 
nearly  a  half  dozen  other  start¬ 
ups  are  currently  flying  under  the 
radar,  analysts  say. 

Intel  spinoff  Tarari  this  month  is 
scheduled  to  release  its  first  XML 
Content  Processor,  a  silicon- 
based  XML  processing  engine  on 
a  PCI  card  that  plugs  into  servers, 
appliances  or  network  devices. 

Analysts  say  established  hard¬ 
ware  vendors  such  as  Cisco,  F5 
Networks  and  Nortel  will  incor¬ 
porate  some  type  of  acceleration 
technology  over  the  coming 
years. 

“We  don’t  have  to  solve  this 
problem  today  but  we  are  keep¬ 
ing  an  eye  on  it,”  says  Mike  Para- 
tore,  product  line  manager  for 
content  switches  at  Cisco. 

These  network  devices  sit  be¬ 
hind  a  firewall  and  form  an  aggre¬ 
gation  point  for  XML  traffic  on  the 
wire.  They  parse  XML  messages, 
validate  integrity  and  security 
attributes,  transform  data  formats 
and  route  messages. 

“In  the  Web  services  model, 
XML  acceleration  becomes  a 
necessity  says  Jeff  Lamb,  CTO  for 
Leader  Technologies,  which  runs 
the  LeaderPhone.com  Web- 
based  teleconferencing  service. 

Lamb  uses  Extensible  Style- 
sheet  Language  Transformations 
to  render  interfaces  to  the 


LeaderPhone  Web  site  that  are 
appropriate  for  a  user’s  connec¬ 
tion  speed  and  device. 

“We  could  not  have  done  this 
without  acceleration  hardware,” 
says  Lamb,  who  uses  an  XA35 
XML  Accelerator  from  DataPower. 
“The  complex  transformations 
were  bogging  down  our  applica¬ 
tion  server,  which  made  the  user 
experience  much  too  slow’’  Lamb 
was  using  a  common  parsing 
engine  from  Apache  called  Xer- 
ces  on  the  application  server. 

Lamb’s  experience  is  likely  to 
become  the  norm.  Research  firm 
ZapThink  says  XML  is  expected  to 
account  for  more  than  25%  of  net¬ 
work  traffic  by  2006,  up  from  just 
under  2%  todayAnd  Forrester  says 
1  billion  clients  will  be  sending 
and  receiving  XML  messages 
based  on  the  Simple  Object 
Access  Protocol  by  2008. 

“XML  gives  us  the  next  level  for 
data  delivery  and  that  will  drive 
the  need  for  acceleration,”  says 
Chandru  Bolaki,  director  for  re¬ 
search  and  development  at 
UTStarcom,  which  develops  net¬ 
work  gear  for  service  providers. 
Bolaki  has  run  a  Sarvega  XPE 
accelerator  for  two  years  to  inject 
user  data  into  his  call  center. 

“The  first  issue  is  always  ease  of 
use.  HTML  is  a  good  example. 
When  it  first  started  out,  there  was 
no  concern  about  handling  the 
volume.  But  as  people  found  out 
how  easy  it  was  to  use,  it  exploded 
and  that’s  why  you  have  compa¬ 


nies  like  Akamai  [which  caches 
content] ,”  Bolaki  says. 

In  addition  to  streamlining  the 
use  of  XML,  acceleration  hard¬ 
ware  will  give  users  an  idea  of 
what  it  will  take  to  design  a  ser¬ 
vice-oriented  architecture,  a  net¬ 
work  that  can  accommodate  a 
collection  of  loosely  connected, 
reusable  Web  services  compo¬ 


nents  that  can  be  stitched  into 
applications. 

“Once  the  data-center  folks  see 
all  the  Web  services  traffic  on  the 
network  they  will  want  bottle¬ 
neck  issues  solved,”  says  Ron 
Schmelzer,  an  analyst  with 
ZapThink. 

DataPower  CTO  Kuznetsov, 
who’s  worked  on  XML  accelera¬ 
tion  for  four  years,  says  a  major 
shift  is  coming  in  the  kinds  of 
duties  delegated  to  network  gear. 

“You  are  not  going  to  want  some 
shim  software  on  a  general-pur¬ 
pose  server  sitting  in  line  with 
data-center  traffic,”  Kuznetsov 
says.  DataFbwer’s  XA35  XML  accel¬ 
erator  and  XS40  XML  Security 
Gateway  are  true  network  de¬ 
vices,  as  opposed  to  another  class 
of  acceleration  products  that  use 
hard  drives  in  their  boxes. 

Regardless  of  design,  vendors 
say  the  bottom  line  is  savings  in 
cost  and  performance. 

“What  we  are  talking  about  is 
millions  of  dollars  in  savings  by 
moving  to  better  throughput,  bet¬ 
ter  response  and  a  more  effective 
way  to  scale,"  says  John  Chira- 
purath, co-founder  and  vice  presi¬ 
dent  of  marketing  for  Sarvega. 
“The  alternative  is  to  throw  more 
Unix  or  Windows  boxes  at  the 
problem  in  order  to  scale  up. 

“An  evolution  in  applications 
has  always  caused  a  revolution  in 
networks.  And  that  is  no  different 
here."  ■ 


Start-up  touts  application  integration  in  an  appliance 


Start-up  Cast  Iron  Systems  is  putting  a  new  twist  on  applica¬ 
tion  integration  with  an  appliance  that  will  live  and  function 
on  corporate  networks. 

The  company  is  expected  to  emerge  from  stealth  mode  early 
next  month  to  launch  its  Application  Router  1000.  The  router  is  a 
lightweight  rendition  of  enterprise  application  integration  (EAI)  soft¬ 
ware  and  lets  companies  integrate  applications  regardless  of  data 
format  either  internally  or  with  business  partners. 

The  difference  is  that  Cast  Iron  does  everything  on  a  device. 
Companies  use  a  set  of  design  tools  to  map  connections  between 
applications  and  then  deploy  in  their  data  centers  the  rack-mounted 
router,  which  handles  protocol  and  data  format  conversion  using 
XML  and  C++  to  optimize  performance,  workflow  and  lightweight 
routing.  The  router  also  includes  a  management  console. 

"Cast  Iron  handles  stuff  at  the  edge  where  EAI  would  be  overkill," 
says  Greg  Kleiner,  infrastructure  analyst  for  Soundview Technology 
Group,  an  investment  firm.  “If  you  are  hooking  the  shop  floor  to  IT 
you  don't  need  a  full-blown  Tibco  platform.  You  want  a  box  you  can 
plug  applications  into,  connect  to  the  core  of  your  network  and 
remotely  manage  from  your  data  center." 

The  Simplicity  of  Application  Router  is  its  selling  point,  according 
to  Pat  Lawrence,  CIO  for  Prime  Source  Food  Service  Equipment. 

Prime  Source  has  about  700  vendors  it  must  integrate  with  to 
exchange  purchase  orders,  billing  information  and  shipping  data. 
Previously  that  was  done  with  faxes  or  phone  calls. 


Lawrence  has  deployed  Application  Router  1000  to  handle  the 
exchange  of  purchase  orders;  acknowledgments  of  purchases 
including  ship  date;  and  acknowledgments  of  shipping,  including  a 
bill  of  lading  and  tracking  information,  Lawrence  plans  to  add  sup¬ 
port  for  invoices. 

“The  beauty  of  the  router  is  that  we  don’t  have  the  clout  to  tell 
these  vendors  we  are  going  to  use  [electronic  data  interchange], 
and  they  have  to  comply,"  Lawrence  says.  “This  allows  us  to  easily 
communicate  in  whatever  format  the  vendor  chooses  without  hav¬ 
ing  to  write  custom  interfaces  for  each  partner." 

Cast  Iron  co-founder  and  CEO  Fred  Meyer,  who  was  formerly  the 
chief  strategy  officer  at  Tibco,  says,  “We  are  not  trying  to  be  EAI- 
like.  We  are  tying  to  dumb  that  down." 

Meyer  says  just  like  routers  were  designed  to  help  connect  net¬ 
works  running  different  protocols,  Cast  Iron  is  helping  connect 
applications  with  different  protocols  and  data  formats. 

The  appliance  runs  on  an  enhanced  version  of  Linux  and  has  two 
lO/IOO/IOOOBase-T  data  ports  and  one  lO/IOO/IOOOBase-T  manage¬ 
ment  port.  The  device  supports  custom  integration  but  ships  with 
support  for  ERP  systems  including  SAP  and  PeopleSoft.  It  also 
supports  SQL,  Structured  Text,  XML  documents  and  MIME,  and 
includes  pre-configured  templates  for  EDI. 

The  router  is  priced  between  $30,000  and  $100,000,  depending  on 
configuration. 


—  John  Fontana 
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You're  faced  with  it  every  day  —  users  demanding  access  to  data  from  anywhere  at  anytime,  which  means  you 
need  to  meld  storage  into  every  aspect  of  the  enterprise.  You  need  a  well-tested  disaster  recovery  plan.  You 
have  to  account  for  the  security  of  customer  information.  And  you're  under  pressure  to  support  the  enormous 
amounts  of  information  applications  are  churning  out.  Where  do  you  begin  tackling  these  storage  challenges? 
Come  to  Network  World's  Storage  Technology  Tour,  "Shoring  Up  Your  Enterprise  Strategy,"  where  storage  expert  Steve 
Duplessie  and  leading  industry  vendors  help  you  put  together  a  comprehensive  storage  strategy. 


6  storage  lessons  to  make  your  enterprise  a  success: 


REGISTER  TO  ATTEND  IN  A  CITY  NEAR  YOU! 

June  10  ►  Boston,  MA  ►  Sheraton  Tara  Framingham 
June  12  ►  Washington,  DC  ► JW  Marriott 
June  24  ►  Chicago,  IL  ►  Hyatt  Regency  O'Hare 
June  26  ►  San  Jose,  CA  ►  Silicon  Valley  Conference  Ctr. 


a  Paper  trails.  Understand  the  impact 
of  HIPAA,  SEC  restrictions  and  other 
regulatory  issues. 

a  Pick  your  pipe.  Determine  whether 
Gigabit  Ethernet  or  Fibre  Channel  is 
best  for  your  environment. 

a  More  bang  for  your  buck.  The  role  of 
virtualization  and  consolidation  in 
maximizing  your  resources. 


a  Disaster  recovery  goes  the  distance. 

Examine  Fibre  Channel  over  IP  and  other 
emerging  technologies  moving  storage 
across  the  wide  area. 

s  The  path  of  iSCSI.  How  standards  like 
iSCSI  will  fit  into  the  enterprise. 

a  SAN  vs.  NAS  no  more.  How  block-oriented 
and  file-oriented  systems  are  merging. 


Sign  up  for  one  of  these  cities 
today  and  let  the  storage  experts 
keep  you  ahead  of  the  curve! 


PRE-REGISTRATION  IS  REQUIRED.  RESERVE  YOUR  SEAT  NOW! 

Online  at  www.nwfusion.com/events/storage2.jsp 

or  call  800-643-4668 


PLATINUM  PRESENTING  SPONSORS: 


GOLD  EXHIBITING  SPONSORS: 


F inis  a  r 

The  ultimate  in  SAN  LAN  Performance  Tools 


LeftHand 


NETWORKS  *♦*. 


StoraceTek 


WINCHESTERSYSTEMS  * 

Storage  Simplicity  by  Design 


This  event  is  limited  to  Network  and  IT  professionals  involved  in  the  evaluation  and  purchase  of  storage  products  and  services.  Network  World  reserves  the  right  to  determine  total  audience  profile 
To  sponsor  this  Network  World  event  or  if  you  are  interested  in  on-site  training  for  your  company,  contact  Andrea  D'Amato  at  508-490-6520  or  adamato@nww.com. 
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The  problem:  Handling  calls  from  wireless  users  reporting 
problems. 

The  big  problem:  Microsoft’s  internal  help  desk  fields  700  wireless- 
related  calls  per  month. 

The  think-small  solution:  Give  current  help  staff  additional 
documentation  on  WLANs;  rely  on  the  theory  of  management  by 
busy  signal. 

The  think-big  solution:  Set  user  expectations,  create  Web  site 
for  self-service  on  simple  problems,  escalate  wireless  problems  to 
wireless-trained  staff,  divide  responsibility  between  help-desk  and 
network  operations  staffs. 
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WLAN 

continued  from  page  1 

evaluate  a  new  approach  to  large 
scale  WLAN  deployment:  the  so- 
called  wireless  switch,  the  first  of 
which  are  starting  to  ship. 

But  none  of  these  tools  can  or 
will  replace  the  need  to  first  think 
big  about  WLAN  management. 
Experts  say  to  control  a  big 
WLAN  and  minimize  operational 
problems,  you  have  to  think 
through  the  issues  from  top  to 
bottom. 

Enterprise  WLANs  are  almost  in¬ 
visible  to  a  traditional  network 
management  system, even  as  they 
add  hundreds  or  thousands  of 
end  devices  that  need  to  be  man¬ 
aged.  As  Bernstein  notes,  hiring  a 
platoon  of  support  technicians  to 
hike  around  a  sprawling  deploy¬ 
ment  and  fiddle  with  access 
points  is  not  practical. 

Nearly  all  of  the  biggest  WLAN 
sites  are  using  a  blend  of  home¬ 
grown  tools  and  third-party 
applications. 

Many  WLAN  hardware  vendors 
create  SNMP  management  infor¬ 
mation  bases  (MIB)  on  their  ac¬ 
cess  points.  MIBs  are  chunks  of 
code  that  use  SNMP  to  pass  data 
about  the  device’s  behavior  and 
health  to  network  management 
applications,  where  the  data  can 
be  analyzed.  MIBs  written  by  ven¬ 
dors  can  pass  back  sketchy  infor¬ 
mation  about  highly  detailed 
data.  And  getting  to  the  data,  get¬ 
ting  it  out  and  getting  it  stored  is  a 
pain. 

“Today,  I  have  to  go  out  and  poll 
560  access  points,”  says  Brad 
Noblet,  director  of  technical  ser¬ 
vices  at  Dartmouth  College  in 
Hanover,  N.H.“That’s  time-consum¬ 
ing  and  bandwidth-consuming.” 

Cisco’s  internal  IT  group,  over¬ 
seeing  about  3,000  access  points 
in  the  company’s  global  wireless 
network,  has  used  some  Cisco 
management  tools,  but  they  rely 
mainly  on  a  set  of  applications 
they  wrote  themselves. 

“I  will  use  those  tools  if  they 
offer  me  something  [I  need]  ,”says 
David  Castaneda,  member  of  the 
technical  staff  with  Cisco’s  Infra¬ 
structure  IT  group.“If  they  don’t,  I 
will  build  what  1  need.” 

What  they  built  was  their  own 
wireless  network  provisioning 
tools,  which  typically  run  at  night 
under  the  direction  of  Cisco-writ¬ 
ten  scripts.  Triggered  by  the 
scripts,  the  programs  update  the 
software  on  every  access  point  in 
the  network.  That  update  is  sim¬ 
plified  because  Cisco  decided 
that  the  exact  same  software 
load.or  image, would  run  on  each 
device.  The  payoff  is  a  network 


that  almost  seems  to  run  itself, 
according  to  Castaneda. 

“Our  wireless  LAN  is  very  non¬ 
labor  intensive,”  he  says.“We  want¬ 
ed  an  ‘install-and-forget’  scenario, 
and  that  is  what  we  built.” 

Many  routine  chores  on  distrib¬ 
uted  access  points  still  have  to  be 
done  one  at  a  time.  Network  man¬ 
agers  have  turned  to  do-it-yourself 
automation  to  make  this  feasible 
for  networks  such  as  the  one 
emerging  at  McGill.  One  example 
is  changing  the  service  set  identi¬ 
fier  (SSID)on  each  access  point. 
The  SSID  is  attached  to  wireless 
packets  and  acts  as  a  kind  of  pass¬ 
word  to  join  a  specific  WLAN. 

“If  you  want  to  change  the  SSID 
on  all  your  access  points,  typically 
you  still  have  to  do  this  manual^’ 
says  Pascal  Beauregard,  project 
manager  for  McGill’s  WLAN. 

McGill  created  a  set  of  Perl 
scripts  that  runs  nightly  to  apply 
changes  to  the  SSID  and  to  collect 
device  data  using  SNMP 

Designing  for  simplified  man¬ 
agement  was  a  key  element  in 
Microsoft’s  installation  of  a  huge 
WLAN  at  its  Redmond,  Wash., 
campus.  From  the  outset,  the 
company’s  internal  IT  group 
made  sure  it  had  remote  control 
of  the  console  port  on  each  of  the 
2,500  access  points  deployed 
there.  (See  Part  1  of  this  series, 
www.nwfusion.com,  DocFinder: 
6444.)  Then,  operations  staff  built 
three  databases  with  information 
on  device  addresses,  radio  chan¬ 
nel  assignments,  locations  and 
settings,  and  a  bundle  of  scripts. 

Installing  an  access  point  is 
now  so  simple  it’s  handled  by  a 
building’s  facilities  engineering 
staff,  instead  of  the  IT  group.  After 
the  device  is  installed,  a  network 
administrator  clicks  on  a  script, 
which  pulls  out  the  needed  data 
and  configures  the  device. 

“The  script  brings  all  this  togeth¬ 
er  and  configures  one  access 
point  or  a  whole  subnet  of  access 
points  with  one  button-click,”  says 
Don  Berry,  senior  network  engi¬ 
neer  with  Microsoft's  Operations 


and  Technology  Group. 

A  growing  number  of  third- 
party  applications  are  taking  a 
similar  approach. 

St.Vincent’s  Hospital  in  Birming¬ 
ham,  Ala.,  manages  170  access 
points  with  Mobile  Manager  from 
WaveLink  Wireless  and  Cisco 
WLAN  management  utilities. 
Until  recently  such  tools  typically 
have  focused  on  remotely  man¬ 
aging  individual  access  points. 

By  contrast,  WaveLink  lets  St. 
Vincent’s  corral  access  points 
into  groups  based  on  criteria 
such  as  location,  business 
department  or  function.  Users 
assigned  to  a  department,  such 
as  the  outpatient  clinics,  inherit 
the  access  rights  of  that  depart¬ 
ment.  Network  managers  also 
can  send  software  upgrades  or 
configuration  changes  by  group, 
instead  of  individually 

Crowded  market 

Traffic  and  signal  monitors  from 
companies  such  as  AirMagnet, 
Sniffer  Technologies  and  Wild- 
Packets  are  used  for  sweeping 
radio  channels  to  identify  unau¬ 
thorized  access  points  and  deter¬ 
mine  signal  strength 

Wireless  security  gateway  com¬ 
panies,  such  as  Bluesocket, 
Colubris,  Fortress  Technologies, 
ReefEdge  and  Vernier  Networks, 
are  adding  a  growing  array  of  de¬ 
vice  management  features  to  ex¬ 
tend  centralized  control  over  ac¬ 
cess  points. 

WLAN  switch  start-ups,  such  as 
Airespace,  Aruba  Wireless  Net¬ 
works  and  Vivato,  are  scheduled 
to  begin  shipping  products  over 
the  next  few  months.These  boxes 
have  Layer  2  and  Layer  3  switch 
features  to  aggregate  access 
points  into  manageable  groups. 
There  are  companion  access 
points,  and  software  tools  for 
monitoring  radio  signals  and 
sometimes  automatically  adjust 
the  signals. 

Traditional  network  manage¬ 
ment  applications,  such  as  HP 
OpenView  and  Computer  Asso¬ 


ciates’  Unicenter,  have  new  fea¬ 
tures,  often  as  options,  designed 
for  managing  wireless  network 
devices  and  radio  signals. 

Customers  can  simplify  manag¬ 
ing  large-scale  WLANs  by  making 
smart  design  and  architectural 
decisions  at  the  outset,  experts 
sayA  common  practice  is  to  man¬ 
date  a  single  software  bundle, 
called  the  system  image,  for  each 
access  point.  All  access  points 
come  with  software. 

The  single-image  mandate  is  de¬ 
signed  to  make  sure  each  device 
has  the  same  software  version, 
and  the  same  standard  set  of  con¬ 
figurations  and  settings.  This 
makes  access  points  easier  to 
troubleshoot  and,  if  necessary 
replace.  Remote-control  capabili¬ 
ties  and  power  over  Ethernet  can 
make  on-site  visits  by  support 
staff  rare.  A  self-service  wireless 
Web  site  can  let  users  handle  a 
range  of  questions  and  minor 
problems  on  their  own. 

Microsoft’s  help  desk  handles 
all  client-related  issues,  such  as 
new  setup  and  public-key  infra¬ 
structure  problems.  Problems  that 
are  infrastructure-related  or  affect 
a  group  of  users  are  passed  to  the 
Global  Network  Operations 
Center.  Microsoft  reports  there  are 
about  700  help  desk  calls  each 
month  from  wireless  users. 

The  top  two  issues  for  the  net¬ 
work  operations  center  staff  are 
“hung”  or  unresponsive  access 
points,  requiring  a  reboot  or 
power  off/on  cycle.  The  replace¬ 
ment  rate  for  the  3,700-odd  ac¬ 
cess  points  so  far  works  out  to 
about  one  device  every  other 
week,  or  about  25  per  year. 

The  wireless  team  at  McGill  says 
client-related  issues  are  their 
main  operational  thorn.  McGill 
had  decided  to  use  a  VPN  to  en- 
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crypt  wireless  traffic,  without  the 
overhead  of  digital  certificates 
and  a  private-key  infrastructure. 
But  VPNs  require  client  code  run¬ 
ning  on  a  laptop  or  PDA.  McGill’s 
wireless  team  found  that  the  way 
the  Windows  operating  system 
and  the  VPN  interact  created 
problems  in  the  early  stages.  In¬ 
stalling  and  configuring  wireless 
network  interface  cards,  especial¬ 
ly  when  several  client  operating 
systems  have  to  be  supported,  is 
another  source  of  problems. 

Managing  the  spectrum 

One  of  the  most  difficult  chal¬ 
lenges  is  managing  the  radio 
spectrum,  because  most  net¬ 
work  management  tools  assume 
the  connection  medium  is  a 
wire,  not  a  radio  transmission. 
The  result  is  somewhat  analo¬ 
gous  to  trying  to  adjust  a  satellite 
TV  dish  by  yourself. 

“We’d  get  reports  [from  users] 
that  radio  coverage  wasn’t  great,” 
Noblet  says,  recalling  the  early 
stage  of  Dartmouth’s  wireless  roll¬ 
out.  “We’d  go  out  [to  the  access 
points],  jigger  things  around  and 
ask  users, ‘Is  it  working  now?”’ 

Today  Dartmouth’s  network  staff 
makes  use  of  radio  monitoring 
software  from  AirMagnet,  and 
freeware  applications  such  as 
NetStumbler,  to  get  a  more  pre¬ 
cise  picture  of  coverage  patterns 
and  throughput.  Other  signal  and 
traffic  management  tools  in¬ 
clude  applications  such  as 
Wireless  Valley  Communica¬ 
tions’  LANPIanner,  for  predicting 
radio  coverage  patterns;  and 
from  Newbury  Networks’  WiFi 
Watchdog, for  detecting,  monitor¬ 
ing  and  pinpointing  all  802.11 
devices. 

Radio  management  for  big 

See  WLAN,  page  85 
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Changing  times 

Medialive  has  refunded 
about  $40,000  to 
exhibitors  that  did  not 
fit  with  Comdex  2003’s 
new  business-focused 
theme.  As  a  result  of  the 
new  focus,  Medialive 
expects  Comdex’s  total 
attendance  to  drop 
from  125,000  in  2002  to 
about  80,000  this  year. 


Shows 

continued  from  page  1 

show  is  banning  displays  of  pure¬ 
ly  consumer  items  like  games 
and  digital  cameras. 

Comdex  isn’t  the  only  technol¬ 
ogy  show  to  suffer.  Attendance  at 
SuperComm,  the  major  service 
provider  trade  show,  dropped 
from  53,000  in  2000  to  an  esti¬ 
mated  24,000  this  year.  And  the 
fall  Atlanta  version  of  Net- 


Jack  Powers 

Chairman,  dcXpo 

World+Interop,  which  in  2001 
opened  on  Sept.  1 1, suffered  from 
poor  attendance  the  following 
year  so  Key3Media  discontinued 
the  fall  N+I,  keeping  just  the 
spring  Las  Vegas  N+I. 

Medialive  knows  more  than 
most  about  the  harsh  realities  of 
trade  shows.The  bankruptcy  was 
precipitated  by  hanging  on  too 
long  to  the  theory  that  success 
meant  high-attendance  numbers 
and  lots  of  exhibitors  spending 
lots  of  money  to  rent  floor  space, 
Priest-Heck  says. 

Now  Medialive  and  other  trade 
show  producers  are  instead  try- 


WLAN 

continued  from  page  84 

WLANs  today  really  begins  at 
the  design  stage,  where  you  can 
address  throughput  require¬ 
ments,  channel  assignments  for 
each  access  points  and  interfer¬ 
ence.  A  good  design  can  mini¬ 
mize  radio  management  prob¬ 
lems,  such  as  those  caused  by 
channel  interference. 

Both  802.11b  and  802.1  lg  net¬ 
works  run  in  the  2.4-GHz  radio 
band,  which  has  only  three  non¬ 
overlapping  channels.  Each  ac¬ 
cess  point  is  assigned  one  of 
these  channels,  and  clients  use 
that  channel  to  connect  to  a 
given  access  point.  Those  three 
channels  limit  how  many  2.4- 
GHz  devices  can  be  located 
close  together. 

“This  is  a  [network]  design 
problem,”  says  Gary  Braver,  prin¬ 
cipal  consultant  with  FastLane 
Networks,  a  WLAN  integrator.  “If 
you  have  50  users  on  one 
[802.11b]  access  point,  you  end 
up  giving  them  about  100K 


ing  to  deliver  people  likely  to 
spend  money. To  do  that  they  are 
developing  educational  confer¬ 
ences  concurrent  with  the  trade 
shows  and  distributing  market¬ 
ing  materials  that  spell  out  what 
benefits  attendees  can  expect. 
Organizers  hope  that  people  in¬ 
terested  in  serious  content  also 
will  be  empowered  to  close 
deals  with  exhibitors  at  the 
shows. 

“It’s  essential  to  present  an 


event  that  connects  pre-qualified 
buyers  and  sellers  in  a  meaning¬ 
ful  wayf  says  Rob  Scheschareg, 
vice  president  of  sales,  marketing 
and  product  development  for 
IDG  World  Expo,  a  Network  World 
corporate  cousin.  The  firm  pro¬ 
duces  the  annual  ComNet  show 
in  Washington,  D.C.,  which  once 
boasted  50,000  attendees,  was 
down  to  30,000  this  year,  and  the 
number  of  exhibitors  was  down 
two-thirds  from  two  years  ago. 

If  the  new  tactics  don’t  work, 
the  shows  won’t  win  back  the  big 
vendors  that  once  spent  lavishly 
to  exhibit  their  wares. 


bit/sec  of  sustained  throughput 
per  user.” 

Microsoft’s  IT  group  struggled 
with  this  initially  to  find  a  design 
that  balanced  the  number  of 
access  points  and  performance 
for  the  buildings  on  the  campus. 

Another  complicating  factor 
is  that  the  WLAN  radio  picture 
is  changing  constantly.  Cisco’s 
Infrastructure  IP  group  has  a 
process  of  continually  scan¬ 
ning  the  airwaves  at  all  WLAN 
sites  and  scanning  the  nets  to 
match  all  media  access  control 
addresses  that  show  up  with  a 


‘Shows  are  not  a  top  priority' 

“Trade  shows  are  not  a  top  pri- 
orityf  says  Mark  Straton,  senior 
vice  president  of  global  market¬ 
ing  for  Siemens  Enterprise  Net¬ 
working,  ICN  group.  The  compa¬ 
ny  once  spent  $1.2  million  on  its 
N+I  exhibit,  and  that  didn’t  in¬ 
clude  the  cost  of  travel,  meals 
and  lodging  for  staffers  or  lobster 
dinners  and  tickets  to  “Cirque  du 
Soleil”for200  customers.”!  would 
never  see  us  doing  that  again,” 
he  says. 

Siemens  didn’t  exhibit  at  this 
year’s  N+I,  but  deemed  it  worth¬ 
while  to  send  a  team  that  wined 
and  dined  analysts  and  trade 
press.  It  is  considering  a  return  to 
exhibiting  at  the  show  next  year. 
“We  may  do  big  shows  but  in  a 
smaller  way?’  Straton  says. 

Meanwhile,  Siemens  says  it  has 
found  better  ways  to  reach  buy¬ 
ers:  small,  single-theme  shows, 
technical  conferences  and 
events  called  Siemens  Salons, 
which  are  intimate  dinners  with 
select  customers.  The  first  salon 
was  a  dinner  for  20  CEOs  and 
their  spouses  held  recently  to  dis¬ 
cuss  whether  technology  can 
humanize  healthcare,  says 
Janyce  Harper,  events  manager 
for  Siemens. 

Similarly,  Avaya  holds  Avaya 
Forums,  gatherings  of  several 
hundred  customers  and  pro¬ 
spects  to  show  the  company’s 
wares,  talk  about  what  it  is  devel¬ 
oping  and  seek  input,  says  Pete 
de  Tagyos,  Avaya’s  global  events 


database  of  official  MAC  ad- 
dresses.This  scanning  unmasks 
unauthorized  access  points, 
but  it  also  gives  network  opera¬ 
tors  a  picture  of  the  radio 
architecture. 

“Because  your  radio  architec¬ 
ture  works  one  month,  there’s  no 
guarantee  it  will  work  the  next 
month,"  says  Oisin  Mac  Alasdair, 
technical  project  manager  with 
Cisco  Infrastructure  IT.H 
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vice  president. 

Although  Avaya  still  attends  big 
shows  such  as  N+I,  it  tries  to 
focus  more  on  likely  spenders. 

“We  invite  good  customers  for 
a  particular  time  and  have  tai¬ 
lored  demonstrations  for  that 
client.  We  find  that  to  be  the 
bread  and  butter  of  it,”  de  Tagyos 
says.’The  people  with  the  plastic 
bags  picking  up  novelties  are  not 
what  we’re  interested  in.” 

He  also  looks  to  the  boutique 
shows  aimed  at  particular  tech¬ 
nologies  such  as  voice  over  IP  or 
call  centers.  “You  have  an  awful 
lot  of  smaller  shows  that  are  very 
focused  and  that  line  up  with  our 
priorities,”  de  Tagyos  says. 

As  money  got  tight  for  ex¬ 
hibitors,  the  shows  didn’t  re¬ 
spond  by  easing  up  on  the  price 
they  charged  for  floor  space,  de 
Tagyos  says.  Medialive  seems  to 
have  learned  a  lesson  from  that. 
It  used  to  charge  a  fixed  price 
per  square  foot  no  matter  how 
much  space  a  vendor  bought. 
Floor  space  at  Comdex  this  fall  is 
volume  priced:  the  more  space 
you  buy,  the  less  it  costs  per 
square  foot.  Prices  range  from 
$59.95  down  to  $49.95  per 
square  foot,  says  Eric  Faurot.vice 
president  and  general  manager 
of  Comdex. 

The  show  also  is  being  org¬ 
anized  around  seven  technol¬ 
ogy  themes  featured  in  innova¬ 
tion  centers  on  the  show  floor 
and  is  backed  up  by  theme 
tracks  in  conference  sessions. 
This  is  intended  to  help  atten¬ 
dees  navigate  the  show  and  pin¬ 
point  the  technologies  they  are 
interested  in. 

While  attendance  at  big  shows 
has  dropped,  smaller  ones  have 
been  hurt  less,  says  Mike  Colby, 
president  of  trade-show  and  con¬ 
ference  promoter  DC1. 

“The  smaller,  more  focused 
shows  are  not  down  as  much  or 
holding  flat,”  he  says.  Also, 
because  they  focus  on  the 


hottest  technologies,  they  are 
expected  to  come  and  go.“We’re 
always  looking  for  new  ideas 
and  new  shows  to  launch,” 
he  says. 

Despite  the  troubles,  enterpris¬ 
ing  promoters  are  launching  and 
planning  major  new  shows.  Last 
week  CeBit  America,  a  slimmed 
down  version  of  CeBit  in  Han¬ 
nover, Germany  opened  in  New 
York  with  a  strict  focus  on  IT,  net¬ 
work  and  business  applications. 
Attendance  was  projected  to  be 
20,000,  one-tenth  of  CeBit  Han¬ 
nover’s  attendance. 

In  November,  another  new 
show  called  Computer  Digital 
Expo,  or  dcXpo,  will  take  place  in 
Las  Vegas  on  the  same  dates  that 
Comdex  meets. 

Jack  Powers,  dcXpo’s  Chair¬ 
man,  hopes  Comdex  is  mortally 
wounded  because  it  has  been 
tagged  as  the  big  show  that  is 
shrinking.  “Once  you  get  stuck 
with  that,  it’s  impossible  to  shake 
it,”  Powers  says. 

He  says  dcXpo,  launched  by 
Jupiter  Events,  will  have  top-shelf 
conference  sessions  but  intends 
to  brighten  them  up  with  tricks 
that  range  from  game-show  for¬ 
mats  to  voting  for  smartest  and 
dumbest  speakers  on  a  panel. 

“It’s  less  CNN  and  more  Fox  or 
MTV,”  Powers  says. 

“We  don’t  have  time  for  some 
white  guy  with  a  PowerPoint 
droning  on  at  you  for  an  hour 
with  the  same  old  crap,”  he  adds. 

The  IT  trade  show  boom  fol¬ 
lowed  by  a  bust  has  mirrored  the 
high-tech  industry,  and  so  will 
their  recovery,  Colby  says. 

“I  don’t  think  Comdex  and 
Interop  will  ever  get  back  to 
where  they  were  before.  They 
could  run  those  shows  profitably 
at  a  lower  level  and  as  the  econ¬ 
omy  upturns  they  will  increase  in 
size,”  he  says.  ■ 
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•That  just  doasn’t  scaiK’Software  changes 


The  problem:  Updating  software,  patches,  configurations  on 
access  points. 

The  big  problem:  Making  such  changes  on  3,000  access  points. 


The  think-small  solution:  Using  a  Web  GUI  to  apply  changes 
one  at  a  time. 

The  think-big  solution:  McGill  University's  IT  group  wrote  a  set 
of  Perl  scripts,  which  run  nightly,  to  apply  changes  or  collect  SNMP 
data  from  the  access  points. 
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BackSpin 


Mark  Gibbs 


Sen.  Hatch  and  the  record  industry’s  jihad 


“Illegally  download  copyright 
music  from  the  Internet  once,  or  even 
twice,  and  you  get  a  warning.  Do  it  a 
third  time,  and  your  computer  gets 
destroyed.  That’s  the  suggestion 
made  by  the  chairman  [Sen.  Orrin 
Hatch,  R-UtahJ,  of  the  Senate 
Judiciary  Committee  at  a  Tuesday 
hearing  on  copyright  abuse." 

—  The  San  Jose  Mercury  News,  June  18,  2003 

I  was  going  to  write  this  column  as  an  ethically 
persuasive  letter  to  Hatch  about  his  thoughts  (for 
want  of  a  better  word)  on  how  to  reduce  copyright 
infringement,  but  the  more  I  thought  about  it  the 
clearer  it  became  that  1  would  be  wasting  my  time. 

The  point  of  such  a  letter  would  have  been  to  pre¬ 
sent  an  organized,  cogent  argument  intended  to  get 
him  to  reconsider  his  position  by  explaining  the 
facts.  I  now  realize  that  would  be  pointless. 

You  see,  the  senator’s  position  is  (how  can  I  put 
this  nicely?)  completely  ignorant.  It  also  is  unethical, 
impractical  and  a  breach  of  trust,  and  smacks  of  a 
politician  sucking  up  to  a  rich  and  powerful  lobby 

Yes  folks,  unless  there  is  something  that  we  don’t 
know  —  such  as  the  Recording  Industry  Association 
of  America  (RIAA)  mafia  made  him  say  those  things 
under  the  threat  of  torture  —  it  looks  a  lot  like  Hatch 


The  senator's  position  is  com¬ 
pletely  ignorant ...  It  smacks 
of  a  politician  sucking  up  to  a 
rich  powerful  lobby. 


is  about  as  deep  a  thinker  as, say  Mr.  Ed.  Either  that  or 
the  senator  has  simply  lost  his  mind. 

Last  week  at  the  judiciary  hearing  on  copyright 
issues,  Randy  Saaf,  CEO  of  MediaDefender,  (de¬ 
scribed  as  “a  secretive  Los  Angeles  company”  that 
has  some  technology  to  detect  and  slow  the  transfer 
of  pirated  music)  commented  that  “No  one  is  inter¬ 
ested  in  destroying  anyone’s  computer? 

Hatch  immediately  interjected:‘Tm  interested!"  and 
went  on  to  say  that  damaging  someone’s  computer 
“may  be  the  only  way  you  can  teach  somebody 
about  copyrights.” 

According  to  the  Mercury  News,  Hatch  rampaged 
on:“lf  we  can  find  some  way  to  do  this  without 
destroying  their  machines,  we’d  be  interested  in 
hearing  about  that,  [but  if]  that’s  the  only  way  then 
I’m  all  for  destroying  their  machines.  If  you  have  a 
few  hundred  thousand  of  those,  people  would  real¬ 


ize  [the  seriousness  of  their  actions].” 

Wow. This  is  the  chairman  of  the  Senate  Judiciary 
Committee?  Talk  about  uninformed  and  short¬ 
sighted.  What  happens  when  the  copyright  police 
make  a  mistake  and  toast  the  wrong  person’s  sys¬ 
tem?  And  who  will  be  the  copyright  police?  And  . . . 
well,  I  could  rant  on,  but  you  get  the  idea. 

But  what  next?  After  that  it  will  be  a  short  road  to, 
“If  we  catch  you  listening  to  pirated  music,  we’ll  cut 
your  ears  off”  and  “If  you  break  the  speed  limit  we’ll 
rip  your  wheels  off.” 

This  sounds  rather  like  the  kind  of  justice  meted 
out  in  places  like  Iran  and  Iraq.  Wait,  maybe  Hatch  is 
on  some  kind  of  jihad  with  the  RIAAistas!  That’s  it, 
Hatch  is  a  terrorist! 

Folks,  something  needs  to  be  done. When  we  have 
the  chairman  of  the  judiciary  committee  (no  less) 
behaving  like  a  raving  lunatic  over  an  issue  that 
pales  compared  with  this  country’s  more  pressing 
issues, such  as  resolving  the  aftermath  of  the  Iraq 
war  and  dealing  with  poverty  and  healthcare  in  the 
U.S., something  is  very  wrong. 

You  might  think  Hatch  is  grandstanding  or  being 
negligent,  irresponsible,  foolish  or,  as  I  implied,  de¬ 
ranged.  Whatever  you  think  the  reason  is,  write  him 
(www.nwfusion.com,  DocFinder:  6445)  and  tell  him. 

Yet  more  outrage  to  backspin@gibbs.com. 
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News,  insights,  opinions  and  oddities 


By  Paul  McNamara 


Soul  of  Kamen's  new  machine 

Ever  since  all  the  media  hoopla  and 
fanciful  speculation  erupted  early  last 
year  around  what  we  now  know  as  the  Segway  HumanTransporter —  “that  silly 
scooter”  to  skeptics  —  opinions  have  broken  roughly  into  two  camps. 

In  the  first  we  find  those  who  are  fascinated  by  the  technology  and  think  Seg¬ 
way  will  be  big,  even  if  they  don’t  share  inventor  Dean  Kamen's  conviction  that  his 
New  Hampshire  company  is  going  to  change  life  as  we  know  it  by  bridging  the  gap 
between  motorized  and  pedestrian  travel. 

In  the  second  camp  are  those  who  might  be  fascinated  if  only  they  took  the  time 
to  learn  more  and  move  beyond  nearsighted  brushoffs  about  scooters. 

That's  my  bias,  of  course,  being  a  charter  member  of  the  first  group. 

Both  fans  and  naysayers  will  find  enlightenment  in  a  new  book  by  Steve  Kemper 
called  Code  Name  Ginger:  The  Story  Behind  Segway  and  Dean  Kamen's  Quest 
to  Invent  a  New  World. The  author  enjoyed  full  access  to  the  Segway  inner  sanc¬ 
tum  from  where  he  chronicles  an  extraordinary  development  story  that  features  a 
supporting  cast  of  familiar  high-tech  characters:  Apple’s  Steve  Jobs,  Amazon's 
Jeff  Bezos  and  venture  capitalist  John  Doerr,  whose  depiction  redefines  “won't 
take  no  for  an  answer." 

Kamen  dominates,  of  course,  and  the  book  works  best  as  a  personality  profile; 
second-best  as  a  "Soul  of  a  New  Machine"  type  of  project  diary. 

It's  important  to  remember  that  this  is  a  single  portrait  of  a  complex  man  painted 
by  one  artist.  Moreover,  the  artist  is  shown  the  door  by  the  subject  before  the 
work  is  completed  (don’t  worry,  not  a  deal  killer).  Kemper  does  an  admirable  job 
of  providing  balance  to  a  story  that  could  easily  have  veered  toward  hero  worship 
or  hatchet  job. 

We  learn  that  the  words  eccentric  and  driven  don’t  begin  to  describe  Kamen. 
Nor  do  arrogant  and  stubborn. 


He  talks  endlessly  about  wanting  to  change  the  world  first  and  make  money 
second.  You  come  to  believe  him,  at  least  most  of  the  time,  in  large  part  because 
his  remarkable  medical  inventions  —  including  a  wheelchair  that  climbs  stairs  — 
have  shown  exactly  what  he  can  deliver. 

A  parade  of  fawning  would-be  investors  makes  clear  that  Kamen  could  have 
relinquished  control  of  Segway  in  exchange  for  millions  of  dollars  at  many  junc¬ 
tures.  He  insists  he  couldn't  do  that  and  still  realize  his  mission:  changing  the 
world. . .  .That's  an  easier  decision  when  you're  already  rich,  of  course. 

But  Kamen  is  a  remarkably  committed  do-gooder  —  witness  his  unceasing 
investment  of  time,  money,  prestige  and  influence  into  FIRST,  the  successful  pro¬ 
gram  he  founded  in  1989  to  promote  an  appreciation  of  science  and  technology 
among  young  people.  Nowhere  was  this  better  illustrated  than  in  the  book’s 
description  of  his  going  to  comical  extremes  to  transform  a  photo  op  with 
President  Clinton  into  an  opportunity  to  lobby  Clinton  in  behalf  of  FIRST. 

But  Kamen's  a  cheap  bastard,  too,  and  not  in  the  stereotypical  skinflint  way  that 
makes  poking  fun  at  New  Hampshire  great  sport  here  in  Massachusetts.  Kamen 
loves  his  toys  and  fancy  homes.  He’s  cheap  in  ways  that  clearly  endangered 
Segway's  chances  to  succeed:  skimping  on  staff  and  recruitment  bonuses  when 
additional  engineers  were  desperately  needed,  endlessly  delaying  important  deci¬ 
sions  rather  than  committing  to  unavoidable  costs,  underpaying  his  stars. 

No  one  disputes  his  genius,  and  the  loyalty  he  inspires  in  his  troops  is  unwaver¬ 
ing.  But  he’s  also  an  intellectual  bully  who  belittles  most  non-technical  endeavors. 
(When  he  tortures  a  teenage  clerk  at  a  mall  ice  cream  stand  because  she  doesn’t 
know  the  word  conical,  you're  hoping  she  slaps  him  one.) 

The  jury’s  still  out  on  the  commercial  acceptance  of  Segway  and  will  be  for 
years. 

But  read  this  book  and  you’ll  come  away  liking  the  invention  a  lot  more,  the 
inventor  a  little  less. 

Send  reviews  of  the  review  to  buzz@nww.com. 
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Uncompromising  quality.  Affordable  price.  There's  no  better  value 
in  access  routers  than  the  NetVanta  3000  Series  from  ADTRAN. 
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low-cost  alternative  is  backed  by  a  5-year  warranty  and 
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Take  the  CLI  Challenge!  Receive  a  free  T-Shirt! 

ww  w.  a  d  tra  n.co  m/in  fo/wh  ypa  ym  o  re 


877.767.6022  Technical  Questions 
877.280.8416  Where  to  Buy 
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We've  been  listening  to  what  you,  our  customers,  have  to  say  about  the  way  the  software  industry 
does  business.  And  frankly,  some  of  it  couldn't  be  repeated  in  print.  You've  been  frustrated 
by  long-term  agreements.  You've  been  disenchanted  by  the  lack  of  options  when  it  comes  to 
software  licensing.  And,  most  of  all,  you've  been  annoyed  that  no  one's  been  listening  to  any 
of  your  complaints. 

Well,  we  want  you  to  know  that  we  hear  you,  and  we've  been  doing  everything  we  can  to  change 
the  way  we  do  business  with  you.  Recently,  we've  revolutionized  the  industry  by  being  the  first 
to  introduce  flexible  licensing  contracts.  With  FlexSelect  Licensing",  you  can  now  get  software 
on  your  terms,  not  ours.  We  offer  short-term  or  long-term  licensing  agreements,  so  you  can 
choose  your  commitment  based  on  your  needs.  Of  course,  if  you  prefer  more  traditional  long¬ 
term  licensing,  it's  still  available.  And  we  offer  payment  plans  that  fit  the  way  you  work,  not 
the  other  way  around. 


Flexible  software  licensing  is  about  choice. 

It's  about  control. 

It's  about  time. 


We've  heard  back  from  many  of  our  customers  and  they're  thrilled  with  the  changes.  From  global 
Fortune  500®  companies  to  smaller  organizations,  the  response  has  been  overwhelmingly 
positive.  Some  of  the  comments  we've  received  include  "flexible  licensing  is  a  tremendous  tool," 
"a  huge  win  for  CA  customers"  and  "clearly  demonstrates  that  CA  is  an  extremely  innovative, 
flexible  and  customer-focused  company." 

But  the  changes  don't  stop  with  flexible  licensing.  That's  just  one  part  of  our  renewed  focus 
on  you,  our  customers.  We've  also  increased  our  responsiveness  to  your  needs.  And  we've  even 
increased  our  focus  on  internal  research  and  development,  furthering  our  commitment  to 
creating  the  most  innovative  business  software  solutions  in  the  market. 

Innovations  in  licensing,  increased  customer  responsiveness  and  product  development  are  just 
a  few  more  ways  we're  staying  well  ahead  of  the  rest  of  the  pack  in  the  software  industry.  Contact 
us  at  ca.com/flexselect  today  to  find  out  more.  We  think  you'll  be  pleased  with  what  you  see. 
If  not,  let  us  know.  And  we'll  do  something  about  it. 


FlexSelect  Licensing” 
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